last executing test programs:

7m17.521453081s ago: executing program 32 (id=311):
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x4000)
stat(&(0x7f0000004280)='./file0\x00', 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000004380), 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004440), 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x7c, 0x30, 0x1, 0x0, 0x0, {}, [{0x68, 0x1, [@m_mpls={0x64, 0x1, 0x0, 0x0, {{0x9}, {0x38, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x5}}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8847}, @TCA_MPLS_LABEL={0x8, 0x5, 0x199d2}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
rt_sigpending(0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x2)
readv(r1, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0xc9}], 0x1)

2m59.605687278s ago: executing program 0 (id=6554):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x88, 0x67, &(0x7f00000002c0)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e24, @multicast1=0xe000004f}, 0x10, &(0x7f0000000300)=[{0x0}], 0x1, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x40}, @dev={0xac, 0x14, 0x14, 0x3a}}}}], 0x20}, 0x4840)

2m59.605102358s ago: executing program 0 (id=6555):
close(0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x5)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r0}, 0x3d)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x3, 0x4, 0x4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000940)={r1, 0x2000002, 0x6d, 0x0, &(0x7f00000004c0)="0000008000a4ff111b00000000000c444651168805931983fecd2f226a8cd42fbf38c006bd553d6f9de4034d78872447ea211befac105eec12750afb931b880cd4dc24db1cd98baf30a39be2cce7ced8bdaad35c474fc33bd35e6dbee90c85f06300"/110, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m59.509065077s ago: executing program 0 (id=6556):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f0000000200)='%-5lx  \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000140)='%pI4   \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r2}, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000540)=ANY=[@ANYBLOB="180200000000000000000000030000008500000017000000b7080000000000007b8af8ff00000000b7080000000000807b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m59.503886738s ago: executing program 0 (id=6558):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x36, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000180)={0x3, <r7=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000380)={r7}, 0x4)

2m59.401311078s ago: executing program 5 (id=6565):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040800000a00000000425ddd", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x4, 0x2, 0xf, 0x62, 0x0, 0x7fffffffffffffff, 0x40, 0x8, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4f, 0x2, @perf_config_ext={0xe, 0x4}, 0x1f97, 0x7, 0xc9, 0x5, 0x2, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x62d}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x1b, &(0x7f00000000c0)=@framed={{}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @ldst={0x3, 0x2, 0x2, 0x8, 0x8, 0x18}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}, @map_fd={0x18, 0x8, 0x1, 0x0, r0}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x7}, @jmp={0x5, 0x0, 0x1, 0x1, 0x2, 0x20, 0x8}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f00000001c0)='GPL\x00', 0x4, 0x5a, &(0x7f0000000200)=""/90, 0x41000, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000380)=[{0x4, 0x2, 0x7, 0x5}, {0x0, 0x4, 0x7, 0xc}], 0x10, 0x40000000}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$kcm(0x2, 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000008c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000900)={0x3, 0x4, 0x4, 0xa, 0x0, r3, 0xa, '\x00', 0x0, r4, 0x5, 0x0, 0x3}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$sock(0xffffffffffffffff, 0x0, 0x101d0)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a40)={0x2c, 0x7, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x6}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000980)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a"], 0x18c0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2m59.256640302s ago: executing program 5 (id=6570):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x0)

2m59.250568733s ago: executing program 5 (id=6571):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x8, 0x1, 0x4, 0x0, 0x2004, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2}, 0x50)

2m59.228568555s ago: executing program 5 (id=6572):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\n'], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48)

2m58.865145001s ago: executing program 4 (id=6591):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x48, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80102, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x800, 0x3, 0x0, 0x4, 0x3fe, 0x7ffffffc, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
openat$tun(0xffffffffffffff9c, 0x0, 0x101040, 0x0)
socket$kcm(0x1e, 0x4, 0x0)
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f0000000700)={&(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="280000000000000000000000070000000717a87f000001ac141400e0000001ac1e0001ac1414bb011c000000000000000000000008000000", @ANYRES64=r0], 0x48}, 0x0)

2m58.862592201s ago: executing program 4 (id=6594):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000012c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d02409819180179714ed0a6e1f0f755d8583da60f27c162dbba0706002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cece48c38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5ff01000000000000b69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b4073f300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b87234a30900000000000068133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c2"], 0x0}, 0x94)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)

2m58.800527067s ago: executing program 4 (id=6599):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x3000c041)
r1 = socket$kcm(0x10, 0x2, 0x4)
r2 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

2m58.757803942s ago: executing program 4 (id=6601):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2m58.636440223s ago: executing program 4 (id=6605):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20008000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b4050000fdff7f006110a40000000000c60000000000000095000000000000009f33ef60916e6e713f1e6b0b725ad99b817fd98cd824498949714e32f21dcc4ae5437aca55f21f3ca9e822d182054d54d53cd2b6da714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed00000000000000000000000000000000000000006c63b40e0c00000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f79829c90bd2114252581567acae715cbe1b57d5cda432c5b9443999f7d24195405f2e76ba88454cc9227069ccb7b37b41215c000000003be991e5e897284cdd6043058cec00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000300)=""/143, 0x8f}], 0x1}, 0x2)

2m58.634904363s ago: executing program 0 (id=6606):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xffffffffffffffff}, 0x8, 0x0, 0x0, 0x0, 0x6, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x400200000000003e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
perf_event_open(0x0, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f3, &(0x7f0000000080))

2m58.472162449s ago: executing program 33 (id=6607):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x0)

2m58.309958475s ago: executing program 0 (id=6609):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99db"], &(0x7f0000000140)='GPL\x00'}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)

2m58.309715966s ago: executing program 34 (id=6609):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99db"], &(0x7f0000000140)='GPL\x00'}, 0x94)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000880)="1a", 0x100000}], 0x1}, 0x0)

2m58.306852296s ago: executing program 4 (id=6610):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a7c000000060a030400000000000000000a0000050900010073797a3100000000500004804c0001800b00010074617267657400003c00028024000300733900000455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000008000240000000000c00010052415445455354000900020073797a32"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
close(0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)}], 0x1}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'wlan1\x00', 0x2000})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110c23003f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01"], 0x0, 0x3e}, 0x28)
write$cgroup_devices(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="80fd"], 0xa)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x78, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7fff}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}]}]}], {0x14}}, 0xc0}}, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
close(r6)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181003100000002200000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x20040040)

2m58.243423202s ago: executing program 35 (id=6610):
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a7c000000060a030400000000000000000a0000050900010073797a3100000000500004804c0001800b00010074617267657400003c00028024000300733900000455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000008000240000000000c00010052415445455354000900020073797a32"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
close(0xffffffffffffffff)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)}], 0x1}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'wlan1\x00', 0x2000})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110c23003f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01"], 0x0, 0x3e}, 0x28)
write$cgroup_devices(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="80fd"], 0xa)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x78, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x7fff}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}]}]}], {0x14}}, 0xc0}}, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
close(r6)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181003100000002200000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x20040040)

2m58.237058892s ago: executing program 5 (id=6611):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0xa54a9d76e5e2e84, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

2m55.651762287s ago: executing program 5 (id=6614):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000140), &(0x7f0000000180)=r0}, 0x20)

2m55.651620317s ago: executing program 36 (id=6614):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000140), &(0x7f0000000180)=r0}, 0x20)

2m49.692060585s ago: executing program 6 (id=6824):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e1050000008847000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e3", 0x44}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xf}], 0x4}, 0x0)

2m49.580785145s ago: executing program 6 (id=6829):
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe33)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x7c, 0x4}, 0x2, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0xa00000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0xa, 0x3, 0x106)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150300000000050005000000"], 0x5c}}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x8, 0xffffffffffffffff, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[], 0x0, 0x18, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x2, 0x1, 0x100, &(0x7f0000000440))
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b6d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x1, 0x1, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r2, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x1401, 0x201, 0x70bd2d, 0x25dfdbfe}, 0x10}}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x0, 0x4, 0x0, 0xffffffffffffffa8)
setsockopt$sock_attach_bpf(r1, 0x0, 0x4, 0x0, 0x0)
r4 = socket$kcm(0x2, 0x5, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
sendmsg$inet(r4, &(0x7f00000004c0)={&(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x3e8)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={0x0, 0x0, 0x43}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)

2m49.383678485s ago: executing program 6 (id=6840):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000100085000000180000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000080)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m49.309177083s ago: executing program 6 (id=6842):
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2m49.308268522s ago: executing program 6 (id=6844):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000001380)="39b3", 0x2}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000000000001100000002000000100000000000000001ac2036c67ce14400000002000000"], 0x20}, 0x40880)
perf_event_open(&(0x7f0000000440)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x100, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
close(r0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@getsa={0x28, 0x12, 0x1, 0x70bd28, 0x25dfdbfe, {@in6=@mcast1, 0x4d6, 0x2, 0x32}}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

2m49.147348519s ago: executing program 6 (id=6850):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x7}, 0x0)

2m48.542658548s ago: executing program 7 (id=6875):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000002}, 0x94)

2m48.493265123s ago: executing program 7 (id=6879):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="340000000506010100000000000000000000000a050001"], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000080)

2m48.485184864s ago: executing program 7 (id=6881):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e1050000008847000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90", 0x77}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xf}], 0x4}, 0x0)

2m48.444384068s ago: executing program 7 (id=6883):
close(0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x5)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c4300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='hrtimer_start\x00', r0}, 0x3d)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x3, 0x4, 0x4, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000940)={r1, 0x2000002, 0x6d, 0x0, &(0x7f00000004c0)="0000008000a4ff111b00000000000c444651168805931983fecd2f226a8cd42fbf38c006bd553d6f9de4034d78872447ea211befac105eec12750afb931b880cd4dc24db1cd98baf30a39be2cce7ced8bdaad35c474fc33bd35e6dbee90c85f06300"/110, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m48.387355673s ago: executing program 7 (id=6886):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0xa38, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)

2m48.229234239s ago: executing program 7 (id=6891):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0x3, &(0x7f0000000800)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000002}, 0x94)

2m34.124718749s ago: executing program 37 (id=6850):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x7}, 0x0)

2m33.075551403s ago: executing program 38 (id=6891):
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xc, 0x3, &(0x7f0000000800)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000002}, 0x94)

2.415387692s ago: executing program 9 (id=12168):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2aa40, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

2.026568261s ago: executing program 9 (id=12174):
r0 = socket$inet6(0xa, 0x2, 0xfffffffe)
fchown(0xffffffffffffffff, 0x0, 0xee01)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0xfd, 0x0, 0xff, 0x0, 0x100, 0x10020, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180), 0x8}, 0x2140, 0x0, 0xffffffff, 0x3, 0x2, 0x1, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0xb, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000001c0)='ata_eh_link_autopsy\x00', r1}, 0x18)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
r3 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001600)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09d0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
creat(&(0x7f0000000140)='./file0\x00', 0x106)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x1)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080))
llistxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
memfd_secret(0x0)
unshare(0x8040480)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x5]}, 0x8, 0x800)
io_setup(0x81, &(0x7f0000000b80)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0}])

1.923764331s ago: executing program 3 (id=12176):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1067, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT2={0x1c, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)={0x200000, 0x158, 0x18}, 0x0, 0x18, 0x0, 0x23456})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r6, 0x0, 0x97}, 0x18)
prlimit64(0x0, 0xd, &(0x7f0000000340)={0xcf44, 0xfffffffffffffff7}, 0x0)
r7 = io_uring_setup(0x1020, &(0x7f00000000c0)={0x0, 0x6a0d, 0x3000, 0x1, 0x387})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r7, 0x21, &(0x7f0000000340)={0x0, 0x2fc3f, 0x10, 0x2, 0x377, 0x0, r7}, 0x1)
ioctl$AUTOFS_IOC_FAIL(r5, 0x9361, 0x596)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x14)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r11, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x0, 0x5404, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r9, 0xc020662a, &(0x7f0000000440)={0x3fffffffbfb, 0x5, 0x5, 0x5, 0x1, 0x0, [{0x800000002, 0xab8, 0x5, '\x00', 0x102}]})
r12 = syz_genetlink_get_family_id$nl80211(0x0, r10)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)={0xf0, r12, 0x200, 0x70bd28, 0x25dfdbf8, {{}, {@void, @val={0xc, 0x99, {0xe985, 0x74}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x100}]}, @NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x9, 0xfffffffc]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x26}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6ac}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x704}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2b8}]}, @NL80211_ATTR_CQM={0x28, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xf}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xd}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x8, 0x7]}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x22}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xb}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb20}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x6}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x1f}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x56}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x33a}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb778}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3e}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20008090}, 0x8000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
r14 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='\x00', &(0x7f00000002c0)={0x2c2742, 0x21, 0x2}, 0x18)
open_tree(r14, &(0x7f0000000500)='./file1\x00', 0x100)
sendmsg$GTP_CMD_ECHOREQ(r10, 0x0, 0x81)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r13, 0x20, 0x70bd28, 0x25dfdbff, {}, [@GTPA_PEER_ADDR6={0x14, 0xb, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x24000001)

1.850568158s ago: executing program 9 (id=12180):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f00000009c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000100)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000000540)={0x0, 0x1568, 0x10000, 0x2, 0x264}, &(0x7f0000000040)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x10000000000002a8, 0x8, 0x1, {0x2}})
io_uring_enter(r2, 0x29ab, 0xd480, 0x0, 0x0, 0x0)

1.849522198s ago: executing program 3 (id=12181):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r3, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x38, 0x2c, 0xf31, 0x600, 0x25dfcbfb, {0x0, 0x0, 0x0, r6, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)

1.816025242s ago: executing program 9 (id=12182):
r0 = socket(0x18, 0x4, 0x0)
connect$pppoe(r0, &(0x7f0000000100)={0x18, 0x0, {0x2, @multicast, 'vcan0\x00'}}, 0x1e)
syz_genetlink_get_family_id$devlink(&(0x7f0000000380), r0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095", @ANYRES64=r0, @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000000), r1)
fchdir(0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x68, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_SSID={0x12, 0x34, @random="0e556cd39e04d837ea630820720d"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SSID={0x8, 0x34, @random="ee4ee5f2"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac}]}, 0x68}, 0x1, 0x0, 0x0, 0x4040}, 0x24000005)

1.766377686s ago: executing program 3 (id=12184):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, 0x0, 0x64, 0x183000, 0x12345})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.534200009s ago: executing program 3 (id=12187):
r0 = openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x44f0)

1.42511096s ago: executing program 3 (id=12188):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}, 0x828, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
ioctl$TUNSETIFF(r0, 0xb701, 0x0)

1.408763402s ago: executing program 8 (id=12189):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket(0x23, 0x800, 0xfffffbcd)
recvmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000001080)=""/4096, 0x1000}], 0x1}, 0x2}], 0x1, 0x10120, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x300000c, 0x3032, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x8, &(0x7f0000000080)=[{0x0}], 0x1, 0x0, 0x0, 0x5}, 0x2004c000)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r5, &(0x7f0000000000), 0x4000000000001f2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r6, &(0x7f0000000040), 0x10)
listen(r6, 0x0)
r7 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r7, &(0x7f0000000080), 0x10)
sendmmsg(r7, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r8 = accept4$unix(r6, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000e300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000002340)={0x11, 0xf, &(0x7f0000000440)=ANY=[@ANYBLOB="00bf377b568d", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000002140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000086f4c1d81f34a6789666f8c25e5ea22047eb968145cf8769f61a000021c0db9fcd4fd4bee16d91d04cdb09b7c8d93f7d24027d54d9c8d03ca10ed2805e8f85ddb0405123755a8bdf7331e6925c7a58ff0cc961a0971031a06d79758cc9731fbc2d1dcbae1041915ff84fde830b1d98961778e0bdb4be2b516bb6fc796c89037f2f949a5c9e44722766b77366fcb303589f201e31f8ff000000000000000000000000000000000000000000518070bd86c3c250904857c6b6baf51c9dcb0990263d082c5b1d4951162d3c9f27391251b3e70985801fe0a2c1665e4e3da2d6a4652ebfe93eec985dfd7de0441de5381f8fa4d6518b65499e9b5f6ae69c18db5aee5fee7a2d42c6aef49dff440597733c9d53063a79d528fe0342c46842e0c9cbdd304bbbf8d7dd369bd73ebca0642fc7fa0bf387f8de6f03484baddcf1b13ece67c7cefa0564af34cdba8b1a254d292497fbb2a270a92cf0990b2fd81efaf8932e1e3a7f365ef0f4ca7d46ef648da5fe0cd4c9e17bdee98d802f8540256db723986b8b050694aa04185c2adff271b9c0f2a5db21b55c5cfd94dabfb2589067b8186359ea035bc108719f1b05f99ba3333457969e9f72d91029f3ba1c4b061faaf00a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
recvfrom$unix(r8, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.21985559s ago: executing program 8 (id=12190):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100"/30, @ANYRES32=0x0, @ANYBLOB="000800000000000003000000000000000000000000000000fd"], 0xfc}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x27, &(0x7f0000000000)=""/114}, 0xa8)

1.194319963s ago: executing program 8 (id=12191):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000540)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00', 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={r2, 0x33280000}, 0x8) (fail_nth: 2)

921.82135ms ago: executing program 8 (id=12192):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1067, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT2={0x1c, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)={0x200000, 0x158, 0x18}, 0x0, 0x18, 0x0, 0x23456})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x97}, 0x18)
prlimit64(0x0, 0xd, 0x0, 0x0)
r7 = io_uring_setup(0x1020, &(0x7f00000000c0)={0x0, 0x6a0d, 0x3000, 0x1, 0x387})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r7, 0x21, &(0x7f0000000340)={0x0, 0x2fc3f, 0x10, 0x2, 0x377, 0x0, r7}, 0x1)
ioctl$AUTOFS_IOC_FAIL(r5, 0x9361, 0x596)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x14)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r11, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x0, 0x5404, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r9, 0xc020662a, &(0x7f0000000440)={0x3fffffffbfb, 0x5, 0x5, 0x5, 0x1, 0x0, [{0x800000002, 0xab8, 0x5, '\x00', 0x102}]})
r12 = syz_genetlink_get_family_id$nl80211(0x0, r10)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)={0xf0, r12, 0x200, 0x70bd28, 0x25dfdbf8, {{}, {@void, @val={0xc, 0x99, {0xe985, 0x74}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x100}]}, @NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x9, 0xfffffffc]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x26}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6ac}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x704}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2b8}]}, @NL80211_ATTR_CQM={0x28, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xf}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xd}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x8, 0x7]}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x22}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xb}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb20}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x6}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x1f}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x56}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x33a}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb778}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3e}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20008090}, 0x8000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
r14 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='\x00', &(0x7f00000002c0)={0x2c2742, 0x21, 0x2}, 0x18)
open_tree(r14, &(0x7f0000000500)='./file1\x00', 0x100)
sendmsg$GTP_CMD_ECHOREQ(r10, 0x0, 0x81)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r13, 0x20, 0x70bd28, 0x25dfdbff, {}, [@GTPA_PEER_ADDR6={0x14, 0xb, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x24000001)

878.567934ms ago: executing program 9 (id=12193):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x1000850, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

771.935584ms ago: executing program 8 (id=12194):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, 0x0, 0x0)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, 0x0, &(0x7f00000000c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x601d, &(0x7f00000006c0)={0x0, 0x7758, 0x1000, 0x8007, 0x1bf}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000680)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1})
io_uring_enter(r3, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES8=r0], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

674.301854ms ago: executing program 9 (id=12196):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000180)={0x3, <r6=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000380)={r6}, 0x4)

613.49285ms ago: executing program 1 (id=12197):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x4, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000ff610000000000000600000085000000200000009500000000000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000340)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
mq_open(&(0x7f0000000040)='%(\x00', 0x40, 0x40, &(0x7f0000000080)={0xf5, 0x3, 0x3, 0x619})
keyctl$search(0xa, r3, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
unshare(0x24020400)
socket$vsock_stream(0x28, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x12, 0xfa00, {0x2, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, r4, 0x0, 0x3, 0x4000}}, 0x20)

571.011024ms ago: executing program 1 (id=12199):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x17, &(0x7f0000000080)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000001880)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
mlockall(0x7)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x60001800}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}, {0x4}}}, 0x24}, 0x1, 0xfffc}, 0x4000800)
r8 = socket$inet6(0xa, 0x3, 0x3c)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

528.783308ms ago: executing program 3 (id=12202):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0)
dup(r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@local, @in6=@private0}}, {{@in6=@ipv4={""/10, ""/2, @initdev}}, 0x0, @in=@initdev}}, &(0x7f0000000340)=0xe8)
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendfile(r1, r0, 0x0, 0x7ffff000)

486.323843ms ago: executing program 1 (id=12204):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1067, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT2={0x1c, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)={0x200000, 0x158, 0x18}, 0x0, 0x18, 0x0, 0x23456})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x18)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x97}, 0x18)
prlimit64(0x0, 0xd, 0x0, 0x0)
r7 = io_uring_setup(0x1020, &(0x7f00000000c0)={0x0, 0x6a0d, 0x3000, 0x1, 0x387})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r7, 0x21, &(0x7f0000000340)={0x0, 0x2fc3f, 0x10, 0x2, 0x377, 0x0, r7}, 0x1)
ioctl$AUTOFS_IOC_FAIL(r5, 0x9361, 0x596)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000b00)='kmem_cache_free\x00', r8, 0x0, 0x1034}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x14)
r11 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r11, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x0, 0x5404, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r9, 0xc020662a, &(0x7f0000000440)={0x3fffffffbfb, 0x5, 0x5, 0x5, 0x1, 0x0, [{0x800000002, 0xab8, 0x5, '\x00', 0x102}]})
r12 = syz_genetlink_get_family_id$nl80211(0x0, r10)
sendmsg$NL80211_CMD_SET_CQM(r11, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000580)={0xf0, r12, 0x200, 0x70bd28, 0x25dfdbf8, {{}, {@void, @val={0xc, 0x99, {0xe985, 0x74}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x100}]}, @NL80211_ATTR_CQM={0x18, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x9, 0xfffffffc]}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x26}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6ac}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x4}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x704}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2b8}]}, @NL80211_ATTR_CQM={0x28, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xf}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0xd}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}, @NL80211_ATTR_CQM_RSSI_THOLD={0xc, 0x1, [0x8, 0x7]}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x22}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xb}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb20}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x6}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x1f}]}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x7}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x56}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x33a}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0xb778}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3e}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x20008090}, 0x8000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
r13 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
r14 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='\x00', &(0x7f00000002c0)={0x2c2742, 0x21, 0x2}, 0x18)
open_tree(r14, &(0x7f0000000500)='./file1\x00', 0x100)
sendmsg$GTP_CMD_ECHOREQ(r10, 0x0, 0x81)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, r13, 0x20, 0x70bd28, 0x25dfdbff, {}, [@GTPA_PEER_ADDR6={0x14, 0xb, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x24000001)

285.056223ms ago: executing program 2 (id=12205):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r3, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x38, 0x2c, 0xf31, 0x600, 0x25dfcbfb, {0x0, 0x0, 0x0, r6, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008844}, 0x4010)

274.381774ms ago: executing program 1 (id=12206):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x17, &(0x7f0000000080)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
r3 = memfd_create(&(0x7f0000000280)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r3, &(0x7f0000001880)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='sys_enter\x00', r4}, 0x10)
mlockall(0x7)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x60001800}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}, {0x4}}}, 0x24}, 0x1, 0xfffc}, 0x4000800)
r8 = socket$inet6(0xa, 0x3, 0x3c)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

261.788075ms ago: executing program 8 (id=12207):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1002002, 0x0)
dup(r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendfile(r1, r0, 0x0, 0x7ffff000)

230.972337ms ago: executing program 2 (id=12208):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x40800)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)

180.101113ms ago: executing program 2 (id=12209):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x4, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000ff610000000000000600000085000000200000009500000000000000"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000340)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
mq_open(&(0x7f0000000040)='%(\x00', 0x40, 0x40, &(0x7f0000000080)={0xf5, 0x3, 0x3, 0x619})
keyctl$search(0xa, r3, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)
unshare(0x24020400)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000540)={0x0, 0x12, 0xfa00, {0x2, &(0x7f0000000080)={<r5=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, r5, 0x0, 0x3, 0x4000}}, 0x20)

140.307197ms ago: executing program 2 (id=12210):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x34, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x48, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bond\x00'}]}]}]}], {0x14, 0x10}}, 0xc4}, 0x1, 0x0, 0x0, 0x20040841}, 0x0)

120.916869ms ago: executing program 2 (id=12211):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)

97.262551ms ago: executing program 1 (id=12212):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x78)
socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x1000850, &(0x7f0000000040)={[{@errors_remount}, {@discard}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

36.363687ms ago: executing program 2 (id=12213):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
link(0x0, 0x0)
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(0xffffffffffffffff, 0x1e, 0x0, 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
copy_file_range(r3, 0x0, r3, 0xffffffffffffffff, 0x7, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x24, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x60}, @val={0x8, 0x3, r5}, @void}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x20000014)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000002000000000000000000000a030000000000000000000011"], 0x0, 0x32, 0x0, 0x1}, 0x28)
write$binfmt_misc(r0, &(0x7f0000000380)="5177ffbb3f9d99816588a9fbd3f55ae825493d63ddc6eb5e9103a1c387892e48e8d82de82e79c21558dd33a1b58492110aa188239567c51ef1df53eecac02440b914839a9381ee2279dc4ff0dfa3f5293de41183c122eac9f33ffa23d166338d7333dfae1248ec514f86d41f9efe52c7d47240fb7072bff350741d551469b068851145b5598ae353149dbd1d53a84f80d425399814c580aa39571068cb4b72604096ad515329983bdf7215a0c877ca2b127693a3859c7b9da1145b03fd3b037169915b7823d528fdc70565838af9e0de403190712375b1a742f986766a70832264b2cb84a166", 0xe6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x2)
fcntl$notify(r0, 0x402, 0x0)
socket$kcm(0x21, 0x2, 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x8042, 0x1fe)
r7 = open(&(0x7f0000000180)='./file1\x00', 0x143142, 0x0)
splice(r7, 0x0, r6, 0x0, 0x9b, 0x0)
getsockopt$inet6_int(r7, 0x29, 0x5, &(0x7f0000000200), &(0x7f0000000480)=0x4)
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")

0s ago: executing program 1 (id=12214):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a000000000000", @ANYBLOB="000800000000000003000000000000000000000000000000fd"], 0xfc}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x7, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x72, &(0x7f0000000000)=""/114}, 0x94)

kernel console output (not intermixed with test programs):

88][T32601] EXT4-fs (loop9): orphan cleanup on readonly fs
[  475.433348][T32586] EXT4-fs (loop3): mount failed
[  475.442049][T32601] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11633: corrupted inode contents
[  475.456476][T32601] EXT4-fs (loop9): Remounting filesystem read-only
[  475.463652][T32601] EXT4-fs (loop9): 1 truncate cleaned up
[  475.469788][   T37] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  475.470624][T32618] team0: No ports can be present during mode change
[  475.480496][   T37] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  475.498506][   T37] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  475.509679][T32601] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  475.537716][T32618] team0 (unregistering): Port device team_slave_0 removed
[  475.545677][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.561673][T32618] team0 (unregistering): Port device team_slave_1 removed
[  475.632645][T32637] nfs: Unexpected value for 'acl'
[  475.641282][T32639] pim6reg1: entered promiscuous mode
[  475.646707][T32639] pim6reg1: entered allmulticast mode
[  475.808627][T32663] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  475.840029][T32667] siw: device registration error -23
[  475.971698][T32682] netlink: 'syz.9.11667': attribute type 7 has an invalid length.
[  475.982885][T32682] loop9: detected capacity change from 0 to 512
[  475.993094][T32682] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  476.001136][T32682] EXT4-fs (loop9): orphan cleanup on readonly fs
[  476.009159][T32682] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11667: corrupted inode contents
[  476.021755][T32682] EXT4-fs (loop9): Remounting filesystem read-only
[  476.028607][T32682] EXT4-fs (loop9): 1 truncate cleaned up
[  476.034498][   T60] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  476.045274][   T60] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  476.055995][   T60] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  476.066973][T32682] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  476.098245][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.118351][T32690] pim6reg1: entered promiscuous mode
[  476.123829][T32690] pim6reg1: entered allmulticast mode
[  476.165745][T32697] loop9: detected capacity change from 0 to 1024
[  476.180654][T32697] ext3: Unknown parameter 'subj_type'
[  476.246897][T32702] siw: device registration error -23
[  476.848722][T32760] loop2: detected capacity change from 0 to 764
[  476.901814][T32763] loop3: detected capacity change from 0 to 512
[  476.932779][T32763] EXT4-fs (loop3): orphan cleanup on readonly fs
[  476.936498][T32746] lo speed is unknown, defaulting to 1000
[  476.947616][T32763] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.11702: bg 0: block 248: padding at end of block bitmap is not set
[  476.975646][T32763] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.11702: Failed to acquire dquot type 1
[  477.007543][T32763] EXT4-fs (loop3): 1 truncate cleaned up
[  477.015123][T32763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  477.119602][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.319026][  T317] SELinux: failed to load policy
[  477.369037][  T329] !yz!: rxe_newlink: already configured on team_slave_0
[  477.552815][  T352] FAULT_INJECTION: forcing a failure.
[  477.552815][  T352] name failslab, interval 1, probability 0, space 0, times 0
[  477.565721][  T352] CPU: 1 UID: 0 PID: 352 Comm: syz.2.11725 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  477.565769][  T352] Tainted: [W]=WARN
[  477.565778][  T352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  477.565796][  T352] Call Trace:
[  477.565805][  T352]  <TASK>
[  477.565815][  T352]  __dump_stack+0x1d/0x30
[  477.565919][  T352]  dump_stack_lvl+0xe8/0x140
[  477.565944][  T352]  dump_stack+0x15/0x1b
[  477.565992][  T352]  should_fail_ex+0x265/0x280
[  477.566039][  T352]  should_failslab+0x8c/0xb0
[  477.566076][  T352]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  477.566171][  T352]  ? __alloc_skb+0x101/0x320
[  477.566206][  T352]  __alloc_skb+0x101/0x320
[  477.566236][  T352]  ? audit_log_start+0x342/0x720
[  477.566264][  T352]  audit_log_start+0x3a0/0x720
[  477.566296][  T352]  ? kstrtouint+0x76/0xc0
[  477.566340][  T352]  audit_seccomp+0x48/0x100
[  477.566380][  T352]  ? __seccomp_filter+0x82d/0x1250
[  477.566419][  T352]  __seccomp_filter+0x83e/0x1250
[  477.566490][  T352]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  477.566527][  T352]  ? vfs_write+0x7e8/0x960
[  477.566565][  T352]  __secure_computing+0x82/0x150
[  477.566642][  T352]  syscall_trace_enter+0xcf/0x1e0
[  477.566677][  T352]  do_syscall_64+0xac/0x200
[  477.566710][  T352]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  477.566747][  T352]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  477.566814][  T352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.566870][  T352] RIP: 0033:0x7ff93a00eec9
[  477.566891][  T352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.566916][  T352] RSP: 002b:00007ff938a77038 EFLAGS: 00000246 ORIG_RAX: 000000000000012e
[  477.566942][  T352] RAX: ffffffffffffffda RBX: 00007ff93a265fa0 RCX: 00007ff93a00eec9
[  477.566959][  T352] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000000
[  477.566998][  T352] RBP: 00007ff938a77090 R08: 0000000000000000 R09: 0000000000000000
[  477.567013][  T352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.567025][  T352] R13: 00007ff93a266038 R14: 00007ff93a265fa0 R15: 00007ffec5a13708
[  477.567058][  T352]  </TASK>
[  477.923477][  T377] loop2: detected capacity change from 0 to 764
[  477.941146][  T377] iso9660: Unknown parameter '9p'
[  477.970068][  T384] FAULT_INJECTION: forcing a failure.
[  477.970068][  T384] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  477.974782][  T387] __nla_validate_parse: 10 callbacks suppressed
[  477.974805][  T387] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11741'.
[  477.983295][  T384] CPU: 0 UID: 0 PID: 384 Comm: syz.1.11739 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  477.983338][  T384] Tainted: [W]=WARN
[  477.983345][  T384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  477.983424][  T384] Call Trace:
[  477.983435][  T384]  <TASK>
[  477.983447][  T384]  __dump_stack+0x1d/0x30
[  477.983479][  T384]  dump_stack_lvl+0xe8/0x140
[  477.983538][  T384]  dump_stack+0x15/0x1b
[  477.983561][  T384]  should_fail_ex+0x265/0x280
[  477.983622][  T384]  should_fail+0xb/0x20
[  477.983815][  T384]  should_fail_usercopy+0x1a/0x20
[  477.983847][  T384]  _copy_from_user+0x1c/0xb0
[  477.983882][  T384]  __copy_msghdr+0x244/0x300
[  477.983926][  T384]  ___sys_sendmsg+0x109/0x1d0
[  477.983995][  T384]  __sys_sendmmsg+0x178/0x300
[  477.984052][  T384]  __x64_sys_sendmmsg+0x57/0x70
[  477.984095][  T384]  x64_sys_call+0x1c4a/0x3000
[  477.984126][  T384]  do_syscall_64+0xd2/0x200
[  477.984184][  T384]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  477.984225][  T384]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  477.984324][  T384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.984356][  T384] RIP: 0033:0x7f5e662aeec9
[  477.984378][  T384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.984405][  T384] RSP: 002b:00007f5e64d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  477.984433][  T384] RAX: ffffffffffffffda RBX: 00007f5e66505fa0 RCX: 00007f5e662aeec9
[  477.984533][  T384] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000003
[  477.984551][  T384] RBP: 00007f5e64d17090 R08: 0000000000000000 R09: 0000000000000000
[  477.984569][  T384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.984587][  T384] R13: 00007f5e66506038 R14: 00007f5e66505fa0 R15: 00007ffc9af891a8
[  477.984624][  T384]  </TASK>
[  478.055948][  T374] netlink: 'syz.8.11736': attribute type 10 has an invalid length.
[  478.218234][  T374] macvlan1: entered promiscuous mode
[  478.250917][  T374] bond0: (slave macvlan1): Enslaving as an active interface with an up link
[  478.336951][  T418] netlink: 12 bytes leftover after parsing attributes in process `syz.8.11752'.
[  478.379079][  T418] netlink: 44 bytes leftover after parsing attributes in process `syz.8.11752'.
[  478.471276][  T421] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  478.490821][  T432] pim6reg1: entered promiscuous mode
[  478.496320][  T432] pim6reg1: entered allmulticast mode
[  478.567117][  T426] !yz!: rxe_newlink: already configured on team_slave_0
[  478.601104][  T445] pim6reg1: entered promiscuous mode
[  478.606444][  T445] pim6reg1: entered allmulticast mode
[  478.750529][  T455] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11769'.
[  478.776206][  T467] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  478.813567][  T471] pim6reg1: entered promiscuous mode
[  478.819059][  T471] pim6reg1: entered allmulticast mode
[  478.865028][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  478.865047][   T29] audit: type=1400 audit(1760349054.374:50660): avc:  denied  { connect } for  pid=454 comm="syz.9.11769" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  478.904700][  T455] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11769'.
[  479.058909][  T492] loop2: detected capacity change from 0 to 512
[  479.077384][  T492] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  479.098622][  T492] EXT4-fs (loop2): orphan cleanup on readonly fs
[  479.151149][  T492] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11784: corrupted inode contents
[  479.201449][  T492] EXT4-fs (loop2): Remounting filesystem read-only
[  479.254044][  T504] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=504 comm=syz.9.11787
[  479.255989][  T492] EXT4-fs (loop2): 1 truncate cleaned up
[  479.274260][ T3671] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  479.285149][ T3671] Quota error (device loop2): write_blk: dquota write failed
[  479.292771][ T3671] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  479.303357][ T3671] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  479.314019][ T3671] Quota error (device loop2): write_blk: dquota write failed
[  479.321549][ T3671] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  479.331974][ T3671] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  479.342286][ T3671] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  479.372515][  T510] netlink: 996 bytes leftover after parsing attributes in process `syz.9.11789'.
[  479.374002][ T3671] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  479.415428][  T515] loop3: detected capacity change from 0 to 512
[  479.423433][  T492] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  479.436928][  T511] pim6reg1: entered promiscuous mode
[  479.442388][  T511] pim6reg1: entered allmulticast mode
[  479.450276][  T515] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  479.465738][  T515] EXT4-fs (loop3): orphan cleanup on readonly fs
[  479.490401][  T515] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11792: corrupted inode contents
[  479.509155][  T515] EXT4-fs (loop3): Remounting filesystem read-only
[  479.519629][T25687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.544094][  T515] EXT4-fs (loop3): 1 truncate cleaned up
[  479.549985][   T60] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  479.560765][   T60] Quota error (device loop3): write_blk: dquota write failed
[  479.568197][   T60] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[  479.578309][   T60] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  479.588890][   T60] Quota error (device loop3): write_blk: dquota write failed
[  479.615949][   T60] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  479.627219][  T515] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  479.669311][  T526] netlink: 32 bytes leftover after parsing attributes in process `syz.2.11794'.
[  479.683492][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.731431][  T536] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11801'.
[  479.767622][  T538] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=538 comm=syz.9.11802
[  479.770907][  T536] netlink: 44 bytes leftover after parsing attributes in process `syz.2.11801'.
[  480.015864][  T562] FAULT_INJECTION: forcing a failure.
[  480.015864][  T562] name failslab, interval 1, probability 0, space 0, times 0
[  480.028676][  T562] CPU: 1 UID: 0 PID: 562 Comm: syz.9.11810 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  480.028719][  T562] Tainted: [W]=WARN
[  480.028728][  T562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  480.028742][  T562] Call Trace:
[  480.028748][  T562]  <TASK>
[  480.028756][  T562]  __dump_stack+0x1d/0x30
[  480.028778][  T562]  dump_stack_lvl+0xe8/0x140
[  480.028871][  T562]  dump_stack+0x15/0x1b
[  480.028895][  T562]  should_fail_ex+0x265/0x280
[  480.029006][  T562]  should_failslab+0x8c/0xb0
[  480.029041][  T562]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  480.029070][  T562]  ? __alloc_skb+0x101/0x320
[  480.029151][  T562]  __alloc_skb+0x101/0x320
[  480.029181][  T562]  ? audit_log_start+0x342/0x720
[  480.029209][  T562]  audit_log_start+0x3a0/0x720
[  480.029230][  T562]  ? kstrtouint+0x76/0xc0
[  480.029275][  T562]  audit_seccomp+0x48/0x100
[  480.029314][  T562]  ? __seccomp_filter+0x82d/0x1250
[  480.029347][  T562]  __seccomp_filter+0x83e/0x1250
[  480.029390][  T562]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  480.029428][  T562]  ? vfs_write+0x7e8/0x960
[  480.029473][  T562]  __secure_computing+0x82/0x150
[  480.029502][  T562]  syscall_trace_enter+0xcf/0x1e0
[  480.029539][  T562]  do_syscall_64+0xac/0x200
[  480.029587][  T562]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  480.029615][  T562]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  480.029645][  T562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.029742][  T562] RIP: 0033:0x7f7e0da7eec9
[  480.029762][  T562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.029787][  T562] RSP: 002b:00007f7e0c4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  480.029814][  T562] RAX: ffffffffffffffda RBX: 00007f7e0dcd5fa0 RCX: 00007f7e0da7eec9
[  480.029832][  T562] RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffffffffffffffff
[  480.029849][  T562] RBP: 00007f7e0c4e7090 R08: 0000000000000000 R09: 0000000000000000
[  480.029866][  T562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.029933][  T562] R13: 00007f7e0dcd6038 R14: 00007f7e0dcd5fa0 R15: 00007ffd897ee558
[  480.029958][  T562]  </TASK>
[  480.281591][   T60] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.294808][  T548] lo speed is unknown, defaulting to 1000
[  480.335080][   T60] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.353619][  T568] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11812'.
[  480.398333][   T60] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.465226][  T585] loop2: detected capacity change from 0 to 512
[  480.492788][   T60] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.512104][  T585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.537059][  T594] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  480.549619][  T585] ext4 filesystem being mounted at /598/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  480.578313][  T585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  480.586795][  T585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  480.606236][  T590] syzkaller0: entered promiscuous mode
[  480.611902][  T590] syzkaller0: entered allmulticast mode
[  480.632775][  T585] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.11819: corrupted inode contents
[  480.646689][  T548] chnl_net:caif_netlink_parms(): no params data found
[  480.652560][  T585] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.11819: mark_inode_dirty error
[  480.673798][  T585] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.11819: corrupted inode contents
[  480.686821][  T585] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.11819: mark_inode_dirty error
[  480.705973][  T585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  480.714700][  T585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  480.729072][  T585] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  480.763844][  T606] pim6reg1: entered promiscuous mode
[  480.769238][  T606] pim6reg1: entered allmulticast mode
[  480.776341][  T609] loop9: detected capacity change from 0 to 512
[  480.776938][  T548] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.789795][  T548] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.797221][  T548] bridge_slave_0: entered allmulticast mode
[  480.803250][  T609] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  480.803861][  T548] bridge_slave_0: entered promiscuous mode
[  480.811511][  T609] EXT4-fs (loop9): orphan cleanup on readonly fs
[  480.818850][  T548] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.830891][  T548] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.838282][  T548] bridge_slave_1: entered allmulticast mode
[  480.840324][  T609] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11826: corrupted inode contents
[  480.845166][  T548] bridge_slave_1: entered promiscuous mode
[  480.862833][  T609] EXT4-fs (loop9): Remounting filesystem read-only
[  480.870249][  T609] EXT4-fs (loop9): 1 truncate cleaned up
[  480.876049][ T2870] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  480.886727][ T2870] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  480.897995][ T2870] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  480.909054][  T609] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  480.936821][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.939271][  T548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.955476][   T60] bridge_slave_1: left allmulticast mode
[  480.961264][   T60] bridge_slave_1: left promiscuous mode
[  480.967113][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.984258][   T60] bridge_slave_0: left allmulticast mode
[  480.990018][   T60] bridge_slave_0: left promiscuous mode
[  480.995869][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  481.091534][  T617] !yz!: rxe_newlink: already configured on team_slave_0
[  481.104550][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  481.123203][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  481.133645][   T60] bond0 (unregistering): (slave macvlan1): Releasing backup interface
[  481.144102][   T60] bond0 (unregistering): Released all slaves
[  481.154147][  T548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.192320][  T626] netlink: 'syz.9.11833': attribute type 7 has an invalid length.
[  481.199072][  T548] team0: Port device team_slave_0 added
[  481.218195][  T548] team0: Port device team_slave_1 added
[  481.239138][  T626] loop9: detected capacity change from 0 to 512
[  481.263525][   T60] hsr_slave_0: left promiscuous mode
[  481.269639][   T60] hsr_slave_1: left promiscuous mode
[  481.275956][  T626] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  481.286865][   T60] veth1_macvtap: left promiscuous mode
[  481.292749][   T60] veth0_macvtap: left promiscuous mode
[  481.298452][  T626] EXT4-fs (loop9): orphan cleanup on readonly fs
[  481.305207][   T60] veth1_vlan: left promiscuous mode
[  481.310594][   T60] veth0_vlan: left promiscuous mode
[  481.326234][  T626] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11833: corrupted inode contents
[  481.346885][  T626] EXT4-fs (loop9): Remounting filesystem read-only
[  481.354061][  T626] EXT4-fs (loop9): 1 truncate cleaned up
[  481.359969][ T2870] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  481.370585][ T2870] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  481.382078][ T2870] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  481.397904][  T626] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  481.416537][  T585] Process accounting paused
[  481.438660][T25687] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.484688][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.506790][   T60] team0 (unregistering): Port device team_slave_1 removed
[  481.529257][   T60] team0 (unregistering): Port device team_slave_0 removed
[  481.666273][  T548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.673494][  T548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  481.699850][  T548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  481.770910][  T548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  481.778055][  T548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  481.805498][  T548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.948787][  T548] hsr_slave_0: entered promiscuous mode
[  481.976188][  T548] hsr_slave_1: entered promiscuous mode
[  482.010515][  T548] debugfs: 'hsr0' already exists in 'hsr'
[  482.016607][  T548] Cannot create hsr debugfs directory
[  482.069093][   T60] IPVS: stop unused estimator thread 0...
[  482.145729][   T60] ------------[ cut here ]------------
[  482.151462][   T60] WARNING: CPU: 1 PID: 60 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x179/0x1f0
[  482.161153][   T60] Modules linked in:
[  482.165281][   T60] CPU: 1 UID: 0 PID: 60 Comm: kworker/u8:4 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  482.177377][   T60] Tainted: [W]=WARN
[  482.181443][   T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  482.191678][   T60] Workqueue: netns cleanup_net
[  482.197001][   T60] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  482.202646][   T60] Code: 48 8d bb 70 0e 00 00 e8 65 a8 b7 fc 48 8b bb 70 0e 00 00 e8 e9 53 c4 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 38 51 9c fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 2a 51 9c fc 90 0f 0b 90 4c 89 f7 e8 2e
[  482.222584][   T60] RSP: 0018:ffffc900001d3c60 EFLAGS: 00010293
[  482.228844][   T60] RAX: ffffffff84baee48 RBX: ffff88811908de00 RCX: ffff88810199b180
[  482.237091][   T60] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88811908ec40
[  482.245106][   T60] RBP: ffffffff86c91000 R08: 0001ffff8684802f R09: 0000000000000000
[  482.253255][   T60] R10: ffffc900001d3be8 R11: 0001c900001d3be8 R12: ffffffff86c91020
[  482.261546][   T60] R13: ffff88811908de28 R14: ffff88811908ec40 R15: ffff88811908de00
[  482.269590][   T60] FS:  0000000000000000(0000) GS:ffff8882aef3a000(0000) knlGS:0000000000000000
[  482.278649][   T60] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  482.285411][   T60] CR2: 00007f7e0dcc11df CR3: 000000012e782000 CR4: 00000000003506f0
[  482.293665][   T60] DR0: 0000200000000300 DR1: 0000200000000300 DR2: 0000200000000300
[  482.302291][   T60] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  482.310535][   T60] Call Trace:
[  482.314052][   T60]  <TASK>
[  482.317040][   T60]  xfrm_net_exit+0x2d/0x60
[  482.321658][   T60]  ops_undo_list+0x27b/0x410
[  482.326327][   T60]  cleanup_net+0x2f4/0x4f0
[  482.330824][   T60]  process_scheduled_works+0x4ce/0x9d0
[  482.336413][   T60]  worker_thread+0x582/0x770
[  482.341061][   T60]  kthread+0x489/0x510
[  482.345251][   T60]  ? finish_task_switch+0xad/0x2b0
[  482.350452][   T60]  ? __pfx_worker_thread+0x10/0x10
[  482.355630][   T60]  ? __pfx_kthread+0x10/0x10
[  482.360429][   T60]  ret_from_fork+0x122/0x1b0
[  482.365231][   T60]  ? __pfx_kthread+0x10/0x10
[  482.369944][   T60]  ret_from_fork_asm+0x1a/0x30
[  482.374806][   T60]  </TASK>
[  482.378050][   T60] ---[ end trace 0000000000000000 ]---
[  482.659619][  T548] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  482.674127][  T691] loop3: detected capacity change from 0 to 1024
[  482.678298][  T548] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  482.686208][  T691] EXT4-fs: Ignoring removed orlov option
[  482.711954][  T691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  482.739519][  T548] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  482.772727][  T548] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  482.946458][  T693] infiniband syz!: set down
[  482.951137][  T693] infiniband syz!: added team_slave_0
[  483.007834][  T548] 8021q: adding VLAN 0 to HW filter on device bond0
[  483.023775][  T693] RDS/IB: syz!: added
[  483.074604][  T548] 8021q: adding VLAN 0 to HW filter on device team0
[  483.128381][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  483.135635][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  483.219568][ T3671] bridge0: port 2(bridge_slave_1) entered blocking state
[  483.226683][ T3671] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.237261][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.268517][  T548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  483.279131][  T548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  483.311725][  T705] loop3: detected capacity change from 0 to 512
[  483.344354][  T705] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  483.360421][  T705] EXT4-fs (loop3): orphan cleanup on readonly fs
[  483.390231][  T705] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11862: corrupted inode contents
[  483.409866][  T548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.425238][  T705] EXT4-fs (loop3): Remounting filesystem read-only
[  483.440108][  T716] __nla_validate_parse: 3 callbacks suppressed
[  483.440129][  T716] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11865'.
[  483.466823][  T705] EXT4-fs (loop3): 1 truncate cleaned up
[  483.472781][ T2870] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  483.483678][ T2870] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  483.506862][  T719] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=719 comm=syz.9.11865
[  483.537409][ T2870] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  483.570897][  T705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  483.618848][  T726] loop9: detected capacity change from 0 to 512
[  483.630981][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.682737][  T726] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.708555][  T737] FAULT_INJECTION: forcing a failure.
[  483.708555][  T737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  483.719473][  T740] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11871'.
[  483.722277][  T737] CPU: 0 UID: 0 PID: 737 Comm: syz.1.11870 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  483.722334][  T737] Tainted: [W]=WARN
[  483.722343][  T737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  483.722362][  T737] Call Trace:
[  483.722371][  T737]  <TASK>
[  483.722382][  T737]  __dump_stack+0x1d/0x30
[  483.722412][  T737]  dump_stack_lvl+0xe8/0x140
[  483.722506][  T737]  dump_stack+0x15/0x1b
[  483.722540][  T737]  should_fail_ex+0x265/0x280
[  483.722645][  T737]  should_fail+0xb/0x20
[  483.722734][  T737]  should_fail_usercopy+0x1a/0x20
[  483.722766][  T737]  _copy_from_user+0x1c/0xb0
[  483.722821][  T737]  __copy_msghdr+0x244/0x300
[  483.722865][  T737]  ___sys_sendmsg+0x109/0x1d0
[  483.722927][  T737]  __sys_sendmmsg+0x178/0x300
[  483.723056][  T737]  __x64_sys_sendmmsg+0x57/0x70
[  483.723100][  T737]  x64_sys_call+0x1c4a/0x3000
[  483.723132][  T737]  do_syscall_64+0xd2/0x200
[  483.723165][  T737]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  483.723223][  T737]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  483.723256][  T737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.723341][  T737] RIP: 0033:0x7f5e662aeec9
[  483.723381][  T737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.723408][  T737] RSP: 002b:00007f5e64d17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  483.723435][  T737] RAX: ffffffffffffffda RBX: 00007f5e66505fa0 RCX: 00007f5e662aeec9
[  483.723453][  T737] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000003
[  483.723471][  T737] RBP: 00007f5e64d17090 R08: 0000000000000000 R09: 0000000000000000
[  483.723490][  T737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.723508][  T737] R13: 00007f5e66506038 R14: 00007f5e66505fa0 R15: 00007ffc9af891a8
[  483.723542][  T737]  </TASK>
[  483.732933][  T726] ext4 filesystem being mounted at /571/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  483.870706][  T748] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11874'.
[  483.881136][  T726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.883654][  T749] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=749 comm=syz.2.11871
[  483.892103][  T726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.042053][  T548] veth0_vlan: entered promiscuous mode
[  484.056784][  T726] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #2: comm syz.9.11867: corrupted inode contents
[  484.057698][  T548] veth1_vlan: entered promiscuous mode
[  484.085881][  T726] EXT4-fs error (device loop9): ext4_dirty_inode:6509: inode #2: comm syz.9.11867: mark_inode_dirty error
[  484.088144][  T548] veth0_macvtap: entered promiscuous mode
[  484.104695][  T726] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #2: comm syz.9.11867: corrupted inode contents
[  484.118252][  T726] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.11867: mark_inode_dirty error
[  484.118805][  T548] veth1_macvtap: entered promiscuous mode
[  484.132596][  T726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  484.144333][  T726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.154529][  T726] !yz!: rxe_newlink: already configured on team_slave_0
[  484.157945][  T548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.173624][  T548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.185888][ T2870] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.195233][ T2870] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.205308][ T2870] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.216258][ T2870] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.225254][   T29] kauditd_printk_skb: 242 callbacks suppressed
[  484.225269][   T29] audit: type=1400 audit(1760349059.389:50878): avc:  denied  { ioctl } for  pid=755 comm="syz.2.11876" path="pid:[4026532386]" dev="nsfs" ino=4026532386 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  484.265878][   T29] audit: type=1400 audit(1760349059.426:50879): avc:  denied  { mounton } for  pid=548 comm="syz-executor" path="/root/syzkaller.Yltilv/syz-tmp" dev="sda1" ino=2091 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  484.291053][   T29] audit: type=1400 audit(1760349059.426:50880): avc:  denied  { mount } for  pid=548 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  484.314467][   T29] audit: type=1400 audit(1760349059.436:50881): avc:  denied  { mount } for  pid=548 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  484.336859][   T29] audit: type=1400 audit(1760349059.436:50882): avc:  denied  { mounton } for  pid=548 comm="syz-executor" path="/root/syzkaller.Yltilv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  484.364481][   T29] audit: type=1400 audit(1760349059.436:50883): avc:  denied  { mounton } for  pid=548 comm="syz-executor" path="/root/syzkaller.Yltilv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=114606 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  484.394022][   T29] audit: type=1400 audit(1760349059.482:50884): avc:  denied  { mounton } for  pid=548 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  484.417034][   T29] audit: type=1400 audit(1760349059.482:50885): avc:  denied  { mount } for  pid=548 comm="syz-executor" name="/" dev="gadgetfs" ino=4523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  484.439789][   T29] audit: type=1400 audit(1760349059.501:50886): avc:  denied  { add_name } for  pid=548 comm="syz-executor" name="syz8" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  484.464726][   T29] audit: type=1400 audit(1760349059.501:50887): avc:  denied  { associate } for  pid=548 comm="syz-executor" name="syz8" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  484.525821][  T773] siw: device registration error -23
[  484.588343][  T779] siw: device registration error -23
[  484.605941][  T781] loop8: detected capacity change from 0 to 512
[  484.613171][  T781] EXT4-fs: Ignoring removed nobh option
[  484.637211][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.11882: corrupted inode contents
[  484.650448][  T781] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #3: comm syz.8.11882: mark_inode_dirty error
[  484.662896][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.11882: corrupted inode contents
[  484.675456][  T781] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.11882: mark_inode_dirty error
[  484.684109][  T787] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.687721][  T781] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.11882: Failed to acquire dquot type 0
[  484.695990][  T787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.711156][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11882: corrupted inode contents
[  484.716862][  T787] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.730016][  T781] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #16: comm syz.8.11882: mark_inode_dirty error
[  484.750405][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11882: corrupted inode contents
[  484.763206][  T787] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.763256][  T781] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.11882: mark_inode_dirty error
[  484.772652][  T787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.784441][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11882: corrupted inode contents
[  484.793176][  T787] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.807436][  T781] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[  484.824267][  T781] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11882: corrupted inode contents
[  484.837170][  T781] EXT4-fs error (device loop8): ext4_truncate:4637: inode #16: comm syz.8.11882: mark_inode_dirty error
[  484.843902][  T787] netlink: 60 bytes leftover after parsing attributes in process `syz.1.11884'.
[  484.848909][  T781] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[  484.867249][  T781] EXT4-fs (loop8): 1 truncate cleaned up
[  484.873473][  T781] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  484.886360][  T781] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.898041][  T781] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.908993][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.005432][  T797] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=797 comm=syz.1.11887
[  485.054428][  T809] siw: device registration error -23
[  485.074126][  T801] loop9: detected capacity change from 0 to 512
[  485.107217][  T801] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  485.116521][  T801] EXT4-fs (loop9): orphan cleanup on readonly fs
[  485.138004][  T823] loop3: detected capacity change from 0 to 512
[  485.152524][  T801] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11889: corrupted inode contents
[  485.154608][  T823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.165242][  T801] EXT4-fs (loop9): Remounting filesystem read-only
[  485.185073][  T801] EXT4-fs (loop9): 1 truncate cleaned up
[  485.191095][ T3684] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  485.200004][  T823] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  485.202020][ T3684] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  485.215445][  T815] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  485.251724][  T823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  485.261200][ T3684] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  485.271414][  T834] FAULT_INJECTION: forcing a failure.
[  485.271414][  T834] name failslab, interval 1, probability 0, space 0, times 0
[  485.271520][  T834] CPU: 0 UID: 0 PID: 834 Comm: syz.8.11898 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  485.271559][  T834] Tainted: [W]=WARN
[  485.271568][  T834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  485.271638][  T834] Call Trace:
[  485.271647][  T834]  <TASK>
[  485.271658][  T834]  __dump_stack+0x1d/0x30
[  485.271689][  T834]  dump_stack_lvl+0xe8/0x140
[  485.271717][  T834]  dump_stack+0x15/0x1b
[  485.271743][  T834]  should_fail_ex+0x265/0x280
[  485.271842][  T834]  should_failslab+0x8c/0xb0
[  485.271883][  T834]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  485.271954][  T834]  ? __alloc_skb+0x101/0x320
[  485.271992][  T834]  __alloc_skb+0x101/0x320
[  485.272028][  T834]  netlink_alloc_large_skb+0xbf/0xf0
[  485.272090][  T834]  netlink_sendmsg+0x3cf/0x6b0
[  485.272136][  T834]  ? __pfx_netlink_sendmsg+0x10/0x10
[  485.272278][  T834]  __sock_sendmsg+0x145/0x180
[  485.272309][  T834]  ____sys_sendmsg+0x31e/0x4e0
[  485.272353][  T834]  ___sys_sendmsg+0x17b/0x1d0
[  485.272454][  T834]  __x64_sys_sendmsg+0xd4/0x160
[  485.272570][  T834]  x64_sys_call+0x191e/0x3000
[  485.272601][  T834]  do_syscall_64+0xd2/0x200
[  485.272636][  T834]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  485.272677][  T834]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  485.272722][  T834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.272751][  T834] RIP: 0033:0x7fcb32bbeec9
[  485.272850][  T834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.272879][  T834] RSP: 002b:00007fcb3161f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  485.272907][  T834] RAX: ffffffffffffffda RBX: 00007fcb32e15fa0 RCX: 00007fcb32bbeec9
[  485.272927][  T834] RDX: 0000000000000010 RSI: 0000200000001340 RDI: 0000000000000003
[  485.272944][  T834] RBP: 00007fcb3161f090 R08: 0000000000000000 R09: 0000000000000000
[  485.272971][  T834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  485.272988][  T834] R13: 00007fcb32e16038 R14: 00007fcb32e15fa0 R15: 00007fff988a1238
[  485.273017][  T834]  </TASK>
[  485.285045][  T823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  485.303775][  T801] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  485.315656][   T60] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.425951][  T823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.11896: corrupted inode contents
[  485.536861][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.546907][  T823] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #2: comm syz.3.11896: mark_inode_dirty error
[  485.587693][  T823] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #2: comm syz.3.11896: corrupted inode contents
[  485.597104][  T810] lo speed is unknown, defaulting to 1000
[  485.619043][   T60] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.635619][  T823] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.11896: mark_inode_dirty error
[  485.657396][  T841] loop8: detected capacity change from 0 to 512
[  485.664595][  T841] EXT4-fs: Ignoring removed nobh option
[  485.679973][   T60] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.685267][  T823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  485.700852][  T823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  485.748515][  T823] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  485.763159][  T854] siw: device registration error -23
[  485.783572][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.11902: corrupted inode contents
[  485.799241][   T60] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.810436][  T841] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #3: comm syz.8.11902: mark_inode_dirty error
[  485.824183][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.11902: corrupted inode contents
[  485.836475][  T841] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.11902: mark_inode_dirty error
[  485.848990][  T841] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.11902: Failed to acquire dquot type 0
[  485.869309][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11902: corrupted inode contents
[  485.888302][  T841] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #16: comm syz.8.11902: mark_inode_dirty error
[  485.905743][  T856] netdevsim netdevsim1: Direct firmware load for ./file0/file1 failed with error -2
[  485.917513][   T60] bridge_slave_1: left allmulticast mode
[  485.922379][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11902: corrupted inode contents
[  485.923296][   T60] bridge_slave_1: left promiscuous mode
[  485.940990][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.950249][  T841] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.11902: mark_inode_dirty error
[  485.963289][   T60] bridge_slave_0: left allmulticast mode
[  485.969101][   T60] bridge_slave_0: left promiscuous mode
[  485.975541][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.995689][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11902: corrupted inode contents
[  486.010122][  T841] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[  486.029344][  T841] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11902: corrupted inode contents
[  486.051549][  T841] EXT4-fs error (device loop8): ext4_truncate:4637: inode #16: comm syz.8.11902: mark_inode_dirty error
[  486.064824][  T841] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[  486.094989][  T841] EXT4-fs (loop8): 1 truncate cleaned up
[  486.101412][  T841] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  486.126642][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  486.137344][  T841] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.152477][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  486.163436][   T60] bond0 (unregistering): Released all slaves
[  486.166189][  T841] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.183344][  T810] chnl_net:caif_netlink_parms(): no params data found
[  486.448000][  T823] Process accounting paused
[  486.458359][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  486.475175][   T60] hsr_slave_0: left promiscuous mode
[  486.489357][   T60] hsr_slave_1: left promiscuous mode
[  486.499761][   T60] veth1_macvtap: left promiscuous mode
[  486.511856][   T60] veth0_macvtap: left promiscuous mode
[  486.520338][   T60] veth1_vlan: left promiscuous mode
[  486.525863][   T60] veth0_vlan: left promiscuous mode
[  486.587918][  T884] loop3: detected capacity change from 0 to 1024
[  486.602990][  T884] EXT4-fs: Ignoring removed orlov option
[  486.619451][  T884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  486.794111][   T60] team0 (unregistering): Port device team_slave_1 removed
[  486.830133][   T60] team0 (unregistering): Port device team_slave_0 removed
[  486.931651][  T810] bridge0: port 1(bridge_slave_0) entered blocking state
[  486.938998][  T810] bridge0: port 1(bridge_slave_0) entered disabled state
[  486.946943][  T810] bridge_slave_0: entered allmulticast mode
[  486.955452][  T810] bridge_slave_0: entered promiscuous mode
[  486.967803][  T810] bridge0: port 2(bridge_slave_1) entered blocking state
[  486.974992][  T810] bridge0: port 2(bridge_slave_1) entered disabled state
[  486.997134][  T810] bridge_slave_1: entered allmulticast mode
[  487.018715][  T810] bridge_slave_1: entered promiscuous mode
[  487.049461][  T810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  487.072377][  T810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  487.114825][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.117667][  T810] team0: Port device team_slave_0 added
[  487.152820][  T810] team0: Port device team_slave_1 added
[  487.201306][  T810] batman_adv: batadv0: Adding interface: batadv_slave_0
[  487.208587][  T810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  487.210503][  T897] FAULT_INJECTION: forcing a failure.
[  487.210503][  T897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  487.234670][  T810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  487.247728][  T897] CPU: 0 UID: 0 PID: 897 Comm: syz.9.11919 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  487.247769][  T897] Tainted: [W]=WARN
[  487.247777][  T897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  487.247808][  T897] Call Trace:
[  487.247817][  T897]  <TASK>
[  487.247827][  T897]  __dump_stack+0x1d/0x30
[  487.247854][  T897]  dump_stack_lvl+0xe8/0x140
[  487.247878][  T897]  dump_stack+0x15/0x1b
[  487.247899][  T897]  should_fail_ex+0x265/0x280
[  487.248024][  T897]  should_fail+0xb/0x20
[  487.248057][  T897]  should_fail_usercopy+0x1a/0x20
[  487.248148][  T897]  _copy_from_iter+0xd2/0xe80
[  487.248187][  T897]  ? alloc_pages_mpol+0x217/0x260
[  487.248220][  T897]  copy_page_from_iter+0x178/0x2a0
[  487.248267][  T897]  tun_get_user+0x679/0x26e0
[  487.248328][  T897]  ? ref_tracker_alloc+0x1f2/0x2f0
[  487.248458][  T897]  tun_chr_write_iter+0x15e/0x210
[  487.248500][  T897]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  487.248538][  T897]  vfs_write+0x52a/0x960
[  487.248584][  T897]  ksys_write+0xda/0x1a0
[  487.248620][  T897]  __x64_sys_write+0x40/0x50
[  487.248676][  T897]  x64_sys_call+0x2802/0x3000
[  487.248707][  T897]  do_syscall_64+0xd2/0x200
[  487.248743][  T897]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  487.248801][  T897]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  487.248832][  T897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.248911][  T897] RIP: 0033:0x7f7e0da7d97f
[  487.248935][  T897] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  487.248962][  T897] RSP: 002b:00007f7e0c4e7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  487.248990][  T897] RAX: ffffffffffffffda RBX: 00007f7e0dcd5fa0 RCX: 00007f7e0da7d97f
[  487.249009][  T897] RDX: 0000000000000036 RSI: 0000200000000000 RDI: 00000000000000c8
[  487.249026][  T897] RBP: 00007f7e0c4e7090 R08: 0000000000000000 R09: 0000000000000000
[  487.249124][  T897] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  487.249142][  T897] R13: 00007f7e0dcd6038 R14: 00007f7e0dcd5fa0 R15: 00007ffd897ee558
[  487.249169][  T897]  </TASK>
[  487.297590][  T897] Process accounting paused
[  487.308806][  T810] batman_adv: batadv0: Adding interface: batadv_slave_1
[  487.482957][  T810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  487.510173][  T810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  487.517306][  T903] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=903 comm=syz.1.11920
[  487.576252][  T905] loop9: detected capacity change from 0 to 512
[  487.604603][   T60] IPVS: stop unused estimator thread 0...
[  487.614191][  T905] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  487.628569][  T810] hsr_slave_0: entered promiscuous mode
[  487.638611][  T913] loop3: detected capacity change from 0 to 512
[  487.644645][  T810] hsr_slave_1: entered promiscuous mode
[  487.645583][  T905] ext4 filesystem being mounted at /579/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  487.651236][  T810] debugfs: 'hsr0' already exists in 'hsr'
[  487.667197][  T810] Cannot create hsr debugfs directory
[  487.679981][  T913] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  487.683165][  T905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  487.688202][  T913] EXT4-fs (loop3): orphan cleanup on readonly fs
[  487.697276][  T905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  487.716135][  T913] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11925: corrupted inode contents
[  487.744307][   T60] ------------[ cut here ]------------
[  487.749837][   T60] WARNING: CPU: 0 PID: 60 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x179/0x1f0
[  487.759599][   T60] Modules linked in:
[  487.763560][   T60] CPU: 0 UID: 0 PID: 60 Comm: kworker/u8:4 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  487.765270][  T905] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #2: comm syz.9.11922: corrupted inode contents
[  487.775170][   T60] Tainted: [W]=WARN
[  487.775182][   T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  487.789251][  T913] EXT4-fs (loop3): Remounting filesystem read-only
[  487.791210][   T60] Workqueue: netns cleanup_net
[  487.801704][  T905] EXT4-fs error (device loop9): ext4_dirty_inode:6509: inode #2: comm syz.9.11922: mark_inode_dirty error
[  487.807932][   T60] 
[  487.807942][   T60] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  487.813231][  T913] EXT4-fs (loop3): 1 truncate cleaned up
[  487.824313][   T60] Code: 48 8d bb 70 0e 00 00 e8 65 a8 b7 fc 48 8b bb 70 0e 00 00 e8 e9 53 c4 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 38 51 9c fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 2a 51 9c fc 90 0f 0b 90 4c 89 f7 e8 2e
[  487.859006][   T60] RSP: 0018:ffffc900001d3c60 EFLAGS: 00010293
[  487.859449][  T905] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #2: comm syz.9.11922: corrupted inode contents
[  487.865190][   T60] RAX: ffffffff84baee48 RBX: ffff88811908c680 RCX: ffff88810199b180
[  487.877514][  T905] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.11922: mark_inode_dirty error
[  487.885458][   T60] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88811908d4c0
[  487.885481][   T60] RBP: ffffffff86c91000 R08: 0001ffff8684802f R09: 0000000000000000
[  487.913287][   T60] R10: ffffc900001d3be8 R11: 0001c900001d3be8 R12: ffffffff86c91020
[  487.921907][   T60] R13: ffff88811908c6a8 R14: ffff88811908d4c0 R15: ffff88811908c680
[  487.930075][   T60] FS:  0000000000000000(0000) GS:ffff8882aee3a000(0000) knlGS:0000000000000000
[  487.939899][   T60] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  487.946574][   T60] CR2: 0000000000000000 CR3: 0000000119760000 CR4: 00000000003506f0
[  487.954699][   T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  487.955124][  T905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  487.962687][   T60] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  487.962712][   T60] Call Trace:
[  487.962721][   T60]  <TASK>
[  487.962734][   T60]  xfrm_net_exit+0x2d/0x60
[  487.989008][  T905] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  487.990246][   T60]  ops_undo_list+0x27b/0x410
[  487.998910][  T919] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  488.002738][   T60]  cleanup_net+0x2f4/0x4f0
[  488.002768][   T60]  process_scheduled_works+0x4ce/0x9d0
[  488.011528][  T905] !yz!: rxe_newlink: already configured on team_slave_0
[  488.013976][   T60]  worker_thread+0x582/0x770
[  488.031190][   T60]  kthread+0x489/0x510
[  488.035394][   T60]  ? finish_task_switch+0xad/0x2b0
[  488.040661][   T60]  ? __pfx_worker_thread+0x10/0x10
[  488.045909][   T60]  ? __pfx_kthread+0x10/0x10
[  488.050616][   T60]  ret_from_fork+0x122/0x1b0
[  488.055372][   T60]  ? __pfx_kthread+0x10/0x10
[  488.060094][   T60]  ret_from_fork_asm+0x1a/0x30
[  488.064970][   T60]  </TASK>
[  488.068015][   T60] ---[ end trace 0000000000000000 ]---
[  488.074346][ T3684] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.085211][ T3684] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.096239][ T3684] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  488.107222][  T913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  488.121891][  T924] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=924 comm=syz.1.11928
[  488.152812][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.176134][  T929] loop3: detected capacity change from 0 to 512
[  488.189407][  T929] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  488.198540][  T929] EXT4-fs (loop3): orphan cleanup on readonly fs
[  488.207021][  T929] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11929: corrupted inode contents
[  488.219790][  T929] EXT4-fs (loop3): Remounting filesystem read-only
[  488.226710][  T929] EXT4-fs (loop3): 1 truncate cleaned up
[  488.245214][ T2870] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.255904][ T2870] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.267560][ T2870] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  488.278816][  T929] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  488.303725][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.376572][  T810] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  488.388736][  T810] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  488.395799][  T943] loop3: detected capacity change from 0 to 1024
[  488.403121][  T943] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  488.414297][  T943] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  488.425670][  T943] JBD2: no valid journal superblock found
[  488.427268][  T810] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  488.431465][  T943] EXT4-fs (loop3): Could not load journal inode
[  488.447772][  T810] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  488.455905][  T943] SELinux: security_context_str_to_sid (�-�Xܘ7.H\��%�u@
) failed with errno=-22
[  488.468923][  T943] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=943 comm=syz.3.11935
[  488.547257][  T810] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.581687][  T810] 8021q: adding VLAN 0 to HW filter on device team0
[  488.592014][  T958] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=958 comm=syz.3.11939
[  488.620611][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.627851][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.639225][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.646433][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.666762][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.757006][  T965] loop9: detected capacity change from 0 to 512
[  488.764466][  T810] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.777555][  T965] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  488.789810][  T965] EXT4-fs (loop9): orphan cleanup on readonly fs
[  488.798202][  T965] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.11941: corrupted inode contents
[  488.818373][  T977] loop3: detected capacity change from 0 to 764
[  488.819774][  T965] EXT4-fs (loop9): Remounting filesystem read-only
[  488.828735][  T977] iso9660: Unknown parameter '9p'
[  488.845846][  T965] EXT4-fs (loop9): 1 truncate cleaned up
[  488.852719][   T60] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.863422][   T60] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  488.889299][   T60] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  488.911308][  T965] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  488.964666][  T810] veth0_vlan: entered promiscuous mode
[  488.976147][T26610] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.987561][  T810] veth1_vlan: entered promiscuous mode
[  489.029134][  T810] veth0_macvtap: entered promiscuous mode
[  489.045024][  T810] veth1_macvtap: entered promiscuous mode
[  489.075835][  T810] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.106263][  T810] batman_adv: batadv0: Interface activated: batadv_slave_1
[  489.132037][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  489.176455][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  489.217052][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  489.219655][ T1005] loop8: detected capacity change from 0 to 512
[  489.264252][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  489.282346][ T1005] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  489.326582][ T1005] EXT4-fs (loop8): orphan cleanup on readonly fs
[  489.366387][ T1005] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11955: corrupted inode contents
[  489.420393][ T1005] EXT4-fs (loop8): Remounting filesystem read-only
[  489.443649][ T1005] EXT4-fs (loop8): 1 truncate cleaned up
[  489.449554][ T2870] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  489.460600][ T2870] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  489.504164][ T2870] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  489.537092][ T1005] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  489.596065][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.698453][ T1033] siw: device registration error -23
[  489.766235][ T1038] loop2: detected capacity change from 0 to 512
[  489.791962][ T1038] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  489.806443][ T1038] EXT4-fs (loop2): orphan cleanup on readonly fs
[  489.817579][ T1038] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11967: corrupted inode contents
[  489.847110][ T1038] EXT4-fs (loop2): Remounting filesystem read-only
[  489.854336][ T1038] EXT4-fs (loop2): 1 truncate cleaned up
[  489.860278][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  489.870908][   T12] __quota_error: 253 callbacks suppressed
[  489.870927][   T12] Quota error (device loop2): write_blk: dquota write failed
[  489.884707][   T12] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  489.894852][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  489.905470][   T12] Quota error (device loop2): write_blk: dquota write failed
[  489.912911][   T12] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  489.952000][ T1046] __nla_validate_parse: 10 callbacks suppressed
[  489.952021][ T1046] netlink: 24 bytes leftover after parsing attributes in process `syz.8.11970'.
[  489.954803][ T1049] netlink: 24 bytes leftover after parsing attributes in process `syz.3.11971'.
[  489.977339][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  489.987490][   T12] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  489.996905][   T12] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  490.014388][ T1038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  490.040221][ T1049] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1049 comm=syz.3.11971
[  490.096086][  T810] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.109838][   T29] audit: type=1326 audit(1760349064.899:51107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1057 comm="syz.3.11976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5570e0eec9 code=0x7ffc0000
[  490.148263][   T29] audit: type=1326 audit(1760349064.927:51108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1057 comm="syz.3.11976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5570e0eec9 code=0x7ffc0000
[  490.172682][   T29] audit: type=1326 audit(1760349064.927:51109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1057 comm="syz.3.11976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5570e0eec9 code=0x7ffc0000
[  490.196539][   T29] audit: type=1326 audit(1760349064.927:51110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1057 comm="syz.3.11976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5570e0eec9 code=0x7ffc0000
[  490.204790][ T1056] netlink: 24 bytes leftover after parsing attributes in process `syz.8.11974'.
[  490.247812][ T1060] loop2: detected capacity change from 0 to 512
[  490.255056][ T1060] EXT4-fs: Ignoring removed nobh option
[  490.264129][ T1062] loop3: detected capacity change from 0 to 512
[  490.270770][ T1062] EXT4-fs: Ignoring removed nobh option
[  490.308619][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.11975: corrupted inode contents
[  490.308973][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #3: comm syz.3.11976: corrupted inode contents
[  490.324460][ T1071] loop8: detected capacity change from 0 to 512
[  490.333688][ T1060] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #3: comm syz.2.11975: mark_inode_dirty error
[  490.359919][ T1071] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  490.368252][ T1071] EXT4-fs (loop8): orphan cleanup on readonly fs
[  490.375047][ T1062] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #3: comm syz.3.11976: mark_inode_dirty error
[  490.387446][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.11975: corrupted inode contents
[  490.400996][ T1071] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.11978: corrupted inode contents
[  490.414116][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #3: comm syz.3.11976: corrupted inode contents
[  490.426513][ T1060] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.11975: mark_inode_dirty error
[  490.438625][ T1064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11977'.
[  490.447749][ T1071] EXT4-fs (loop8): Remounting filesystem read-only
[  490.454831][ T1062] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #3: comm syz.3.11976: mark_inode_dirty error
[  490.469888][ T1060] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.11975: Failed to acquire dquot type 0
[  490.482000][ T1071] EXT4-fs (loop8): 1 truncate cleaned up
[  490.487850][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  490.498531][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  490.524375][   T12] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  490.534954][ T1062] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.11976: Failed to acquire dquot type 0
[  490.546858][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11975: corrupted inode contents
[  490.551640][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11976: corrupted inode contents
[  490.560004][ T1071] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  490.585151][ T1060] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #16: comm syz.2.11975: mark_inode_dirty error
[  490.597111][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11975: corrupted inode contents
[  490.609264][ T1062] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #16: comm syz.3.11976: mark_inode_dirty error
[  490.625740][ T1060] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.11975: mark_inode_dirty error
[  490.645411][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.654606][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11975: corrupted inode contents
[  490.659764][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11976: corrupted inode contents
[  490.678944][ T1060] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  490.687985][ T1060] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.11975: corrupted inode contents
[  490.732814][ T1060] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.11975: mark_inode_dirty error
[  490.754064][ T1060] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  490.763157][ T1062] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #16: comm syz.3.11976: mark_inode_dirty error
[  490.795339][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11976: corrupted inode contents
[  490.819013][ T1060] EXT4-fs (loop2): 1 truncate cleaned up
[  490.825225][ T1060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.839542][ T1062] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  490.860192][ T1096] loop9: detected capacity change from 0 to 164
[  490.861025][ T1060] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  490.870001][ T1062] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.11976: corrupted inode contents
[  490.900960][ T1096] ISOFS: unable to read i-node block
[  490.907167][ T1060] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  490.910703][ T1096] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  490.949593][ T1062] EXT4-fs error (device loop3): ext4_truncate:4637: inode #16: comm syz.3.11976: mark_inode_dirty error
[  490.949846][ T1094] netlink: 24 bytes leftover after parsing attributes in process `syz.8.11985'.
[  490.967884][ T1062] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  491.021886][ T1062] EXT4-fs (loop3): 1 truncate cleaned up
[  491.043464][ T1062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.070082][ T1062] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  491.103808][ T1062] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.324452][ T1127] netlink: 20 bytes leftover after parsing attributes in process `+}[@'.
[  491.377847][ T1130] SELinux:  unknown common r
[  491.391960][ T1130] SELinux: failed to load policy
[  491.536849][ T1136] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12003'.
[  491.560112][ T1137] loop9: detected capacity change from 0 to 764
[  491.576493][ T1137] iso9660: Unknown parameter '9p'
[  491.714498][ T1143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12006'.
[  491.837727][ T1150] loop3: detected capacity change from 0 to 1024
[  491.855527][ T1150] EXT4-fs: Ignoring removed orlov option
[  491.874489][ T1150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.957018][ T1153] loop2: detected capacity change from 0 to 1024
[  492.005459][ T1153] EXT4-fs: Ignoring removed orlov option
[  492.019928][ T1153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  492.197972][ T1163] siw: device registration error -23
[  492.527957][ T1177] loop8: detected capacity change from 0 to 512
[  492.562531][ T1177] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  492.586197][ T1177] EXT4-fs (loop8): orphan cleanup on readonly fs
[  492.597410][ T1177] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12020: corrupted inode contents
[  492.623344][ T1177] EXT4-fs (loop8): Remounting filesystem read-only
[  492.639080][ T1177] EXT4-fs (loop8): 1 truncate cleaned up
[  492.645991][   T37] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  492.656805][   T37] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  492.674554][   T37] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  492.685484][ T1177] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  492.711859][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.762166][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.813264][ T2870] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.884777][ T2870] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.927586][ T1178] lo speed is unknown, defaulting to 1000
[  492.948318][ T2870] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.965005][  T810] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.966062][ T1201] loop8: detected capacity change from 0 to 164
[  492.999700][ T1201] ISOFS: unable to read i-node block
[  493.013794][ T1201] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  493.026673][ T2870] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.136417][ T1215] loop8: detected capacity change from 0 to 164
[  493.149277][ T1211] SELinux: failed to load policy
[  493.165512][ T1215] ISOFS: unable to read i-node block
[  493.171719][ T1215] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  493.195351][ T2870] bridge_slave_1: left allmulticast mode
[  493.201058][ T2870] bridge_slave_1: left promiscuous mode
[  493.206907][ T2870] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.218103][ T1213] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12031'.
[  493.227796][ T2870] bridge_slave_0: left allmulticast mode
[  493.233523][ T2870] bridge_slave_0: left promiscuous mode
[  493.239321][ T2870] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.472625][ T2870] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  493.491805][ T2870] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  493.512969][ T2870] bond0 (unregistering): Released all slaves
[  493.645216][ T1235] loop8: detected capacity change from 0 to 512
[  493.664061][ T1235] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  493.714808][ T2870] hsr_slave_0: left promiscuous mode
[  493.721831][ T1245] loop3: detected capacity change from 0 to 164
[  493.728421][ T1235] EXT4-fs (loop8): orphan cleanup on readonly fs
[  493.746329][ T2870] hsr_slave_1: left promiscuous mode
[  493.754107][ T1245] ISOFS: unable to read i-node block
[  493.760113][ T1235] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12039: corrupted inode contents
[  493.774548][ T1245] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  493.785619][ T2870] veth1_macvtap: left promiscuous mode
[  493.791291][ T2870] veth0_macvtap: left promiscuous mode
[  493.797758][ T1235] EXT4-fs (loop8): Remounting filesystem read-only
[  493.805164][ T2870] veth1_vlan: left promiscuous mode
[  493.810826][ T1235] EXT4-fs (loop8): 1 truncate cleaned up
[  493.816692][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  493.827456][   T12] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  493.838291][ T2870] veth0_vlan: left promiscuous mode
[  493.838323][   T12] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  493.855053][ T1235] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  493.898840][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  494.024495][ T2870] team0 (unregistering): Port device team_slave_1 removed
[  494.037382][ T2870] team0 (unregistering): Port device team_slave_0 removed
[  494.150470][   T23] lo speed is unknown, defaulting to 1000
[  494.150677][ T1178] chnl_net:caif_netlink_parms(): no params data found
[  494.156396][   T23] infiniband syz0: ib_query_port failed (-19)
[  494.345957][ T1262] lo speed is unknown, defaulting to 1000
[  494.346213][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.358983][ T1178] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.380359][ T1178] bridge_slave_0: entered allmulticast mode
[  494.398198][ T1178] bridge_slave_0: entered promiscuous mode
[  494.412003][ T1263] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  494.420014][ T1262] lo speed is unknown, defaulting to 1000
[  494.420133][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.433404][ T1178] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.454511][ T1264] netlink: 20 bytes leftover after parsing attributes in process `syz.8.12047'.
[  494.457688][ T1178] bridge_slave_1: entered allmulticast mode
[  494.474524][ T1178] bridge_slave_1: entered promiscuous mode
[  494.483925][ T1262] lo speed is unknown, defaulting to 1000
[  494.494715][ T1262] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  494.517936][ T1178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  494.527474][ T1262] lo speed is unknown, defaulting to 1000
[  494.533640][ T1262] lo speed is unknown, defaulting to 1000
[  494.542401][ T1178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  494.562613][ T2870] ------------[ cut here ]------------
[  494.568142][ T2870] WARNING: CPU: 1 PID: 2870 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x179/0x1f0
[  494.577915][ T2870] Modules linked in:
[  494.582125][ T2870] CPU: 1 UID: 0 PID: 2870 Comm: kworker/u8:7 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  494.591718][ T1262] lo speed is unknown, defaulting to 1000
[  494.593893][ T2870] Tainted: [W]=WARN
[  494.600281][ T1262] lo speed is unknown, defaulting to 1000
[  494.603540][ T2870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  494.609888][ T1262] lo speed is unknown, defaulting to 1000
[  494.619413][ T2870] Workqueue: netns cleanup_net
[  494.619449][ T2870] RIP: 0010:xfrm_state_fini+0x179/0x1f0
[  494.635940][ T2870] Code: 48 8d bb 70 0e 00 00 e8 65 a8 b7 fc 48 8b bb 70 0e 00 00 e8 e9 53 c4 fc 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 38 51 9c fc 90 <0f> 0b 90 e9 d9 fe ff ff e8 2a 51 9c fc 90 0f 0b 90 4c 89 f7 e8 2e
[  494.655971][ T2870] RSP: 0018:ffffc90003007c60 EFLAGS: 00010293
[  494.662173][ T2870] RAX: ffffffff84baee48 RBX: ffff888119088000 RCX: ffff88810400c200
[  494.670208][ T2870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888119088e40
[  494.678232][ T2870] RBP: ffffffff86c91000 R08: 0001ffff8684802f R09: 0000000000000000
[  494.686314][ T2870] R10: ffffc90003007be8 R11: 0001c90003007be8 R12: ffffffff86c91020
[  494.694558][ T2870] R13: ffff888119088028 R14: ffff888119088e40 R15: ffff888119088000
[  494.702588][ T2870] FS:  0000000000000000(0000) GS:ffff8882aef3a000(0000) knlGS:0000000000000000
[  494.711931][ T2870] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  494.718651][ T2870] CR2: 0000000000000000 CR3: 00000001185a6000 CR4: 00000000003506f0
[  494.727143][ T2870] DR0: 0000200000000300 DR1: 0000200000000300 DR2: 0000200000000300
[  494.735526][ T2870] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  494.743570][ T2870] Call Trace:
[  494.746880][ T2870]  <TASK>
[  494.750011][ T2870]  xfrm_net_exit+0x2d/0x60
[  494.754648][ T2870]  ops_undo_list+0x27b/0x410
[  494.759461][ T2870]  cleanup_net+0x2f4/0x4f0
[  494.764024][ T2870]  process_scheduled_works+0x4ce/0x9d0
[  494.769621][ T2870]  worker_thread+0x582/0x770
[  494.774341][ T2870]  kthread+0x489/0x510
[  494.778448][ T2870]  ? finish_task_switch+0xad/0x2b0
[  494.783660][ T2870]  ? __pfx_worker_thread+0x10/0x10
[  494.788888][ T2870]  ? __pfx_kthread+0x10/0x10
[  494.793670][ T2870]  ret_from_fork+0x122/0x1b0
[  494.798582][ T2870]  ? __pfx_kthread+0x10/0x10
[  494.803243][ T2870]  ret_from_fork_asm+0x1a/0x30
[  494.808126][ T2870]  </TASK>
[  494.811247][ T2870] ---[ end trace 0000000000000000 ]---
[  494.827099][ T1178] team0: Port device team_slave_0 added
[  494.834405][ T1178] team0: Port device team_slave_1 added
[  494.857047][ T1178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  494.864298][ T1178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  494.890543][ T1178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  494.904140][ T1178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  494.911137][ T1178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  494.937690][ T1178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  494.989671][ T1178] hsr_slave_0: entered promiscuous mode
[  494.995964][ T1178] hsr_slave_1: entered promiscuous mode
[  495.020654][ T1178] debugfs: 'hsr0' already exists in 'hsr'
[  495.026581][ T1178] Cannot create hsr debugfs directory
[  495.144964][ T1307] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1307 comm=syz.3.12059
[  495.421615][ T1178] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  495.468394][ T1178] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  495.501001][ T1315] loop2: detected capacity change from 0 to 512
[  495.509962][ T1178] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  495.519944][ T1315] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  495.530010][ T1301] Process accounting paused
[  495.543101][ T1178] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  495.543421][ T1315] EXT4-fs (loop2): orphan cleanup on readonly fs
[  495.558442][ T1315] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12062: corrupted inode contents
[  495.570981][ T1315] EXT4-fs (loop2): Remounting filesystem read-only
[  495.578152][ T1315] EXT4-fs (loop2): 1 truncate cleaned up
[  495.602604][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  495.613377][   T12] __quota_error: 200 callbacks suppressed
[  495.613398][   T12] Quota error (device loop2): write_blk: dquota write failed
[  495.626670][   T12] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[  495.637008][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  495.647737][   T12] Quota error (device loop2): write_blk: dquota write failed
[  495.655283][   T12] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[  495.665859][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  495.676075][   T12] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  495.685373][   T12] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  495.696541][ T1315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  495.718043][   T29] audit: type=1326 audit(1760349070.147:51287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1328 comm="syz.1.12064" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e662aeec9 code=0x0
[  495.757673][  T810] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.789911][   T29] audit: type=1400 audit(1760349070.213:51288): avc:  denied  { write } for  pid=1330 comm="syz.2.12065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  495.804092][ T1178] 8021q: adding VLAN 0 to HW filter on device bond0
[  495.823991][ T1178] 8021q: adding VLAN 0 to HW filter on device team0
[  495.834381][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.841715][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.860680][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.868022][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.871085][   T29] audit: type=1400 audit(1760349070.278:51289): avc:  denied  { read } for  pid=1330 comm="syz.2.12065" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  495.905437][ T1178] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  495.992278][ T1341] loop8: detected capacity change from 0 to 512
[  496.005117][ T1178] 8021q: adding VLAN 0 to HW filter on device batadv0
[  496.014279][ T1341] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  496.025436][ T1341] EXT4-fs (loop8): orphan cleanup on readonly fs
[  496.043200][ T1341] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12066: corrupted inode contents
[  496.066472][ T1341] EXT4-fs (loop8): Remounting filesystem read-only
[  496.082160][ T1341] EXT4-fs (loop8): 1 truncate cleaned up
[  496.089772][ T2870] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  496.100448][ T2870] Quota error (device loop8): write_blk: dquota write failed
[  496.108084][ T2870] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  496.120457][ T2870] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  496.138095][ T1341] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  496.176692][ T1355] FAULT_INJECTION: forcing a failure.
[  496.176692][ T1355] name failslab, interval 1, probability 0, space 0, times 0
[  496.189575][ T1355] CPU: 0 UID: 0 PID: 1355 Comm: syz.2.12067 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  496.189674][ T1355] Tainted: [W]=WARN
[  496.189683][ T1355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  496.189701][ T1355] Call Trace:
[  496.189712][ T1355]  <TASK>
[  496.189723][ T1355]  __dump_stack+0x1d/0x30
[  496.189750][ T1355]  dump_stack_lvl+0xe8/0x140
[  496.189842][ T1355]  dump_stack+0x15/0x1b
[  496.189867][ T1355]  should_fail_ex+0x265/0x280
[  496.189976][ T1355]  should_failslab+0x8c/0xb0
[  496.190011][ T1355]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  496.190050][ T1355]  ? __alloc_skb+0x101/0x320
[  496.190116][ T1355]  __alloc_skb+0x101/0x320
[  496.190178][ T1355]  netlink_alloc_large_skb+0xbf/0xf0
[  496.190213][ T1355]  netlink_sendmsg+0x3cf/0x6b0
[  496.190251][ T1355]  ? __pfx_netlink_sendmsg+0x10/0x10
[  496.190329][ T1355]  __sock_sendmsg+0x145/0x180
[  496.190354][ T1355]  ____sys_sendmsg+0x31e/0x4e0
[  496.190397][ T1355]  ___sys_sendmsg+0x17b/0x1d0
[  496.190453][ T1355]  __x64_sys_sendmsg+0xd4/0x160
[  496.190525][ T1355]  x64_sys_call+0x191e/0x3000
[  496.190555][ T1355]  do_syscall_64+0xd2/0x200
[  496.190588][ T1355]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  496.190647][ T1355]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  496.190678][ T1355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.190708][ T1355] RIP: 0033:0x7fe8e548eec9
[  496.190729][ T1355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.190823][ T1355] RSP: 002b:00007fe8e3ef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  496.190849][ T1355] RAX: ffffffffffffffda RBX: 00007fe8e56e5fa0 RCX: 00007fe8e548eec9
[  496.190865][ T1355] RDX: 0000000000000100 RSI: 00002000000002c0 RDI: 0000000000000004
[  496.190883][ T1355] RBP: 00007fe8e3ef7090 R08: 0000000000000000 R09: 0000000000000000
[  496.190900][ T1355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  496.190918][ T1355] R13: 00007fe8e56e6038 R14: 00007fe8e56e5fa0 R15: 00007ffeef92f618
[  496.190943][ T1355]  </TASK>
[  496.235696][ T1178] veth0_vlan: entered promiscuous mode
[  496.410926][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.414616][ T1359] loop2: detected capacity change from 0 to 164
[  496.427855][ T1359] ISOFS: unable to read i-node block
[  496.433376][ T1359] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  496.453935][ T1178] veth1_vlan: entered promiscuous mode
[  496.493522][ T1178] veth0_macvtap: entered promiscuous mode
[  496.508877][ T1178] veth1_macvtap: entered promiscuous mode
[  496.522880][ T1178] batman_adv: batadv0: Interface activated: batadv_slave_0
[  496.538533][ T1178] batman_adv: batadv0: Interface activated: batadv_slave_1
[  496.542119][ T1370] SELinux: ebitmap: truncated map
[  496.554228][ T1370] SELinux: failed to load policy
[  496.567186][ T3684] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.588161][ T3684] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.615562][ T1374] loop2: detected capacity change from 0 to 512
[  496.623325][ T1374] EXT4-fs: Ignoring removed nobh option
[  496.623520][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.648476][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.669343][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.12075: corrupted inode contents
[  496.683484][ T1376] __nla_validate_parse: 1 callbacks suppressed
[  496.683505][ T1376] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12076'.
[  496.705233][ T1374] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #3: comm syz.2.12075: mark_inode_dirty error
[  496.722754][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.12075: corrupted inode contents
[  496.735005][ T1386] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12018'.
[  496.753354][ T1386] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  496.760896][ T1386] batman_adv: batadv0: Removing interface: batadv_slave_0
[  496.768654][ T1374] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.12075: mark_inode_dirty error
[  496.795021][ T1374] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.12075: Failed to acquire dquot type 0
[  496.815459][ T1386] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  496.819799][ T1390] syz!: rxe_newlink: already configured on team_slave_0
[  496.822900][ T1386] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.839015][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12075: corrupted inode contents
[  496.863122][ T1374] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #16: comm syz.2.12075: mark_inode_dirty error
[  496.875676][ T1393] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12079'.
[  496.877949][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12075: corrupted inode contents
[  496.898740][ T1374] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.12075: mark_inode_dirty error
[  496.917040][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12075: corrupted inode contents
[  496.930678][ T1393] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1393 comm=syz.3.12079
[  496.944484][ T1374] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  496.955671][ T1374] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12075: corrupted inode contents
[  496.982850][ T1374] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.12075: mark_inode_dirty error
[  496.997766][ T1374] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  497.010192][ T1374] EXT4-fs (loop2): 1 truncate cleaned up
[  497.032836][ T1374] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.077200][ T1374] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  497.095292][ T1406] pim6reg1: entered promiscuous mode
[  497.100802][ T1406] pim6reg1: entered allmulticast mode
[  497.101970][ T1374] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.320131][ T1421] loop3: detected capacity change from 0 to 512
[  497.350299][ T1421] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  497.358665][ T1421] EXT4-fs (loop3): orphan cleanup on readonly fs
[  497.369609][ T1421] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.12091: corrupted inode contents
[  497.389884][ T1421] EXT4-fs (loop3): Remounting filesystem read-only
[  497.402385][ T1421] EXT4-fs (loop3): 1 truncate cleaned up
[  497.408539][ T3671] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  497.419270][ T3671] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  497.450401][ T1425] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  497.460142][ T3671] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  497.470648][ T1425] SELinux: failed to load policy
[  497.477091][ T1421] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  497.501598][ T1427] loop8: detected capacity change from 0 to 512
[  497.518017][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.527936][ T1427] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  497.537410][ T1427] EXT4-fs (loop8): orphan cleanup on readonly fs
[  497.545725][ T1427] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12093: corrupted inode contents
[  497.558252][ T1427] EXT4-fs (loop8): Remounting filesystem read-only
[  497.565107][ T1427] EXT4-fs (loop8): 1 truncate cleaned up
[  497.571000][   T37] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  497.581835][   T37] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  497.592829][   T37] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  497.603950][ T1427] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  497.635183][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.677914][ T1435] FAULT_INJECTION: forcing a failure.
[  497.677914][ T1435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  497.691151][ T1435] CPU: 0 UID: 0 PID: 1435 Comm: syz.8.12096 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  497.691231][ T1435] Tainted: [W]=WARN
[  497.691239][ T1435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  497.691252][ T1435] Call Trace:
[  497.691259][ T1435]  <TASK>
[  497.691268][ T1435]  __dump_stack+0x1d/0x30
[  497.691349][ T1435]  dump_stack_lvl+0xe8/0x140
[  497.691370][ T1435]  dump_stack+0x15/0x1b
[  497.691387][ T1435]  should_fail_ex+0x265/0x280
[  497.691435][ T1435]  should_fail+0xb/0x20
[  497.691468][ T1435]  should_fail_usercopy+0x1a/0x20
[  497.691490][ T1435]  _copy_from_user+0x1c/0xb0
[  497.691539][ T1435]  __sys_bpf+0x183/0x7c0
[  497.691582][ T1435]  __x64_sys_bpf+0x41/0x50
[  497.691612][ T1435]  x64_sys_call+0x2aee/0x3000
[  497.691713][ T1435]  do_syscall_64+0xd2/0x200
[  497.691738][ T1435]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  497.691768][ T1435]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  497.691798][ T1435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.691839][ T1435] RIP: 0033:0x7fcb32bbeec9
[  497.691855][ T1435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.691875][ T1435] RSP: 002b:00007fcb3161f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  497.691896][ T1435] RAX: ffffffffffffffda RBX: 00007fcb32e15fa0 RCX: 00007fcb32bbeec9
[  497.691909][ T1435] RDX: 0000000000000018 RSI: 0000200000000700 RDI: 0000000000000011
[  497.691970][ T1435] RBP: 00007fcb3161f090 R08: 0000000000000000 R09: 0000000000000000
[  497.691983][ T1435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  497.691996][ T1435] R13: 00007fcb32e16038 R14: 00007fcb32e15fa0 R15: 00007fff988a1238
[  497.692017][ T1435]  </TASK>
[  497.928558][ T1439] pim6reg1: entered promiscuous mode
[  497.934012][ T1439] pim6reg1: entered allmulticast mode
[  497.985999][ T1447] loop3: detected capacity change from 0 to 512
[  498.001910][ T1447] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  498.010446][ T1447] EXT4-fs (loop3): orphan cleanup on readonly fs
[  498.018467][ T1447] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.12102: corrupted inode contents
[  498.031004][ T1447] EXT4-fs (loop3): Remounting filesystem read-only
[  498.037863][ T1447] EXT4-fs (loop3): 1 truncate cleaned up
[  498.052153][ T3684] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  498.063188][ T3684] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  498.074001][ T3684] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  498.086299][ T1447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  498.146828][ T1453] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  498.158857][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.168877][ T1453] SELinux: failed to load policy
[  498.306875][ T1469] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  498.410521][ T1475] loop8: detected capacity change from 0 to 512
[  498.442586][ T1475] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  498.484189][ T1475] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  498.528551][ T1475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.559199][ T1475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.695657][ T1475] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #2: comm syz.8.12113: corrupted inode contents
[  498.703334][ T1485] siw: device registration error -23
[  498.714671][ T1475] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #2: comm syz.8.12113: mark_inode_dirty error
[  498.730430][ T1475] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #2: comm syz.8.12113: corrupted inode contents
[  498.740884][ T1485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12116'.
[  498.753373][ T1475] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #2: comm syz.8.12113: mark_inode_dirty error
[  498.766268][ T1475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.775068][ T1475] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.832750][ T1475] infiniband !yz!: set active
[  498.837559][ T1475] infiniband !yz!: added team_slave_0
[  498.859346][ T1475] RDS/IB: !yz!: added
[  499.119663][ T1497] loop3: detected capacity change from 0 to 764
[  499.126323][ T1497] iso9660: Unknown parameter '9p'
[  499.530552][ T1509] infiniband syz2: set active
[  499.535298][ T1509] infiniband syz2: added bond0
[  499.557712][ T1509] RDS/IB: syz2: added
[  499.721532][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.736745][ T1512] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12128'.
[  499.798088][ T1512] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1512 comm=syz.2.12128
[  499.920522][ T1529] loop2: detected capacity change from 0 to 128
[  499.934831][ T1529] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  499.970034][ T1520] loop8: detected capacity change from 0 to 764
[  499.992993][ T1529] xt_CT: You must specify a L4 protocol and not use inversions on it
[  500.002844][ T1520] iso9660: Unknown parameter '9p'
[  500.008223][ T1535] loop9: detected capacity change from 0 to 512
[  500.014627][ T1529] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  500.014673][ T1529] FAT-fs (loop2): Filesystem has been set read-only
[  500.022625][ T1529] syz.2.12133: attempt to access beyond end of device
[  500.022625][ T1529] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[  500.054258][ T1537] siw: device registration error -23
[  500.064469][ T1535] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  500.067157][ T1537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12137'.
[  500.075133][ T1535] EXT4-fs (loop9): orphan cleanup on readonly fs
[  500.128697][ T1535] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.12136: corrupted inode contents
[  500.150303][ T1535] EXT4-fs (loop9): Remounting filesystem read-only
[  500.157132][ T1535] EXT4-fs (loop9): 1 truncate cleaned up
[  500.163076][ T3671] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  500.173835][ T3671] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  500.184657][ T3671] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  500.195690][ T1535] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  500.215244][ T1550] loop8: detected capacity change from 0 to 512
[  500.222518][ T1178] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.253226][ T1554] FAULT_INJECTION: forcing a failure.
[  500.253226][ T1554] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.266897][ T1554] CPU: 0 UID: 0 PID: 1554 Comm: syz.9.12140 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  500.266936][ T1554] Tainted: [W]=WARN
[  500.266943][ T1554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  500.266963][ T1554] Call Trace:
[  500.267040][ T1554]  <TASK>
[  500.267049][ T1554]  __dump_stack+0x1d/0x30
[  500.267083][ T1554]  dump_stack_lvl+0xe8/0x140
[  500.267173][ T1554]  dump_stack+0x15/0x1b
[  500.267192][ T1554]  should_fail_ex+0x265/0x280
[  500.267237][ T1554]  should_fail+0xb/0x20
[  500.267332][ T1554]  should_fail_usercopy+0x1a/0x20
[  500.267359][ T1554]  _copy_from_iter+0xd2/0xe80
[  500.267392][ T1554]  ? alloc_pages_mpol+0x217/0x260
[  500.267480][ T1554]  copy_page_from_iter+0x178/0x2a0
[  500.267507][ T1554]  tun_get_user+0x679/0x26e0
[  500.267544][ T1554]  ? ref_tracker_alloc+0x1f2/0x2f0
[  500.267654][ T1554]  tun_chr_write_iter+0x15e/0x210
[  500.267693][ T1554]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  500.267721][ T1554]  vfs_write+0x52a/0x960
[  500.267751][ T1554]  ksys_write+0xda/0x1a0
[  500.267777][ T1554]  __x64_sys_write+0x40/0x50
[  500.267881][ T1554]  x64_sys_call+0x2802/0x3000
[  500.267975][ T1554]  do_syscall_64+0xd2/0x200
[  500.268061][ T1554]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  500.268140][ T1554]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  500.268164][ T1554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.268186][ T1554] RIP: 0033:0x7fafb3ebd97f
[  500.268204][ T1554] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  500.268224][ T1554] RSP: 002b:00007fafb2927000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  500.268244][ T1554] RAX: ffffffffffffffda RBX: 00007fafb4115fa0 RCX: 00007fafb3ebd97f
[  500.268257][ T1554] RDX: 0000000000000036 RSI: 0000200000000100 RDI: 00000000000000c8
[  500.268294][ T1554] RBP: 00007fafb2927090 R08: 0000000000000000 R09: 0000000000000000
[  500.268307][ T1554] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  500.268319][ T1554] R13: 00007fafb4116038 R14: 00007fafb4115fa0 R15: 00007fffb6a31e88
[  500.268340][ T1554]  </TASK>
[  500.500457][ T1550] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  500.509006][ T1550] EXT4-fs (loop8): orphan cleanup on readonly fs
[  500.526553][ T1550] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12139: corrupted inode contents
[  500.539569][ T1550] EXT4-fs (loop8): Remounting filesystem read-only
[  500.549627][ T1562] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12143'.
[  500.559574][ T1550] EXT4-fs (loop8): 1 truncate cleaned up
[  500.565560][ T3671] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  500.576290][ T3671] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  500.587759][ T3671] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  500.603135][ T1562] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1562 comm=syz.1.12143
[  500.604027][ T1550] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  500.664316][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.757828][ T1574] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  500.809583][ T1575] loop8: detected capacity change from 0 to 764
[  500.825087][ T1575] iso9660: Unknown parameter '9p'
[  500.923991][ T1582] loop3: detected capacity change from 0 to 512
[  500.964627][   T29] kauditd_printk_skb: 354 callbacks suppressed
[  500.964643][   T29] audit: type=1326 audit(1760349075.059:51607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcb32bbd97f code=0x7ffc0000
[  501.003080][ T1587] loop8: detected capacity change from 0 to 512
[  501.010224][ T1582] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  501.018850][ T1587] EXT4-fs: Ignoring removed nobh option
[  501.025055][ T1582] EXT4-fs (loop3): orphan cleanup on readonly fs
[  501.032139][   T29] audit: type=1326 audit(1760349075.087:51608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fcb32bbef57 code=0x7ffc0000
[  501.055983][   T29] audit: type=1326 audit(1760349075.087:51609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb32bbd710 code=0x7ffc0000
[  501.079809][   T29] audit: type=1326 audit(1760349075.087:51610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcb32bbeacb code=0x7ffc0000
[  501.097434][ T1582] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.12151: corrupted inode contents
[  501.103571][   T29] audit: type=1326 audit(1760349075.106:51611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcb32bbdb2a code=0x7ffc0000
[  501.116289][ T1582] EXT4-fs (loop3): Remounting filesystem read-only
[  501.139831][   T29] audit: type=1326 audit(1760349075.106:51612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcb32bbdb2a code=0x7ffc0000
[  501.146733][ T1582] EXT4-fs (loop3): 1 truncate cleaned up
[  501.170090][   T29] audit: type=1326 audit(1760349075.106:51613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fcb32bbd617 code=0x7ffc0000
[  501.170183][   T29] audit: type=1326 audit(1760349075.106:51614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1586 comm="syz.8.12154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcb32bc066a code=0x7ffc0000
[  501.176075][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  501.200043][   T29] audit: type=1326 audit(1760349075.106:51615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1589 comm="syz.2.12155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8e548eec9 code=0x7ffc0000
[  501.223924][   T37] Quota error (device loop3): write_blk: dquota write failed
[  501.246131][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.12154: corrupted inode contents
[  501.258421][   T37] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  501.266220][ T1587] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #3: comm syz.8.12154: mark_inode_dirty error
[  501.278300][   T37] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  501.289320][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.12154: corrupted inode contents
[  501.323483][ T1582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  501.336965][ T1600] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12157'.
[  501.353457][ T1587] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.12154: mark_inode_dirty error
[  501.372733][ T1602] netlink: 24 bytes leftover after parsing attributes in process `syz.9.12158'.
[  501.382867][ T1587] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.12154: Failed to acquire dquot type 0
[  501.395813][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12154: corrupted inode contents
[  501.408060][ T1587] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #16: comm syz.8.12154: mark_inode_dirty error
[  501.420160][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.430244][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12154: corrupted inode contents
[  501.443327][ T1602] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1602 comm=syz.9.12158
[  501.450629][ T1587] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.12154: mark_inode_dirty error
[  501.473269][ T1600] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1600 comm=syz.1.12157
[  501.496526][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12154: corrupted inode contents
[  501.509599][ T1587] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[  501.518309][ T1587] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12154: corrupted inode contents
[  501.538993][ T1587] EXT4-fs error (device loop8): ext4_truncate:4637: inode #16: comm syz.8.12154: mark_inode_dirty error
[  501.560778][ T1587] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[  501.572028][ T1587] EXT4-fs (loop8): 1 truncate cleaned up
[  501.589721][ T1587] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.602383][ T1614] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  501.612423][ T1611] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12160'.
[  501.631058][ T1587] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  501.649429][ T1587] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.733600][ T1626] pim6reg1: entered promiscuous mode
[  501.739275][ T1626] pim6reg1: entered allmulticast mode
[  501.796839][ T1625] !yz!: rxe_newlink: already configured on team_slave_0
[  501.825595][ T1630] FAULT_INJECTION: forcing a failure.
[  501.825595][ T1630] name failslab, interval 1, probability 0, space 0, times 0
[  501.838584][ T1630] CPU: 0 UID: 0 PID: 1630 Comm: syz.8.12170 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  501.838641][ T1630] Tainted: [W]=WARN
[  501.838648][ T1630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  501.838721][ T1630] Call Trace:
[  501.838730][ T1630]  <TASK>
[  501.838740][ T1630]  __dump_stack+0x1d/0x30
[  501.838765][ T1630]  dump_stack_lvl+0xe8/0x140
[  501.838790][ T1630]  dump_stack+0x15/0x1b
[  501.838812][ T1630]  should_fail_ex+0x265/0x280
[  501.838930][ T1630]  should_failslab+0x8c/0xb0
[  501.839036][ T1630]  __kmalloc_noprof+0xa5/0x570
[  501.839074][ T1630]  ? io_cache_alloc_new+0x2a/0xb0
[  501.839149][ T1630]  io_cache_alloc_new+0x2a/0xb0
[  501.839189][ T1630]  __io_prep_rw+0xcf/0x6d0
[  501.839231][ T1630]  ? __rcu_read_unlock+0x4f/0x70
[  501.839258][ T1630]  io_prep_rwv+0x33/0x250
[  501.839327][ T1630]  io_prep_writev+0x22/0x30
[  501.839357][ T1630]  io_submit_sqes+0x5ef/0x1060
[  501.839417][ T1630]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  501.839454][ T1630]  ? 0xffffffff81000000
[  501.839467][ T1630]  ? __rcu_read_unlock+0x4f/0x70
[  501.839605][ T1630]  ? get_pid_task+0x96/0xd0
[  501.839690][ T1630]  ? proc_fail_nth_write+0x13b/0x160
[  501.839727][ T1630]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  501.839844][ T1630]  ? vfs_write+0x7e8/0x960
[  501.839870][ T1630]  ? __rcu_read_unlock+0x4f/0x70
[  501.839904][ T1630]  ? __fget_files+0x184/0x1c0
[  501.839933][ T1630]  ? fput+0x8f/0xc0
[  501.840039][ T1630]  __x64_sys_io_uring_enter+0x78/0x90
[  501.840079][ T1630]  x64_sys_call+0x2df0/0x3000
[  501.840110][ T1630]  do_syscall_64+0xd2/0x200
[  501.840176][ T1630]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  501.840214][ T1630]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  501.840245][ T1630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.840268][ T1630] RIP: 0033:0x7fcb32bbeec9
[  501.840283][ T1630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.840306][ T1630] RSP: 002b:00007fcb3161f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  501.840341][ T1630] RAX: ffffffffffffffda RBX: 00007fcb32e15fa0 RCX: 00007fcb32bbeec9
[  501.840359][ T1630] RDX: 000000000000d480 RSI: 00000000000029ab RDI: 0000000000000006
[  501.840375][ T1630] RBP: 00007fcb3161f090 R08: 0000000000000000 R09: 0000000000000000
[  501.840387][ T1630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.840399][ T1630] R13: 00007fcb32e16038 R14: 00007fcb32e15fa0 R15: 00007fff988a1238
[  501.840435][ T1630]  </TASK>
[  502.137618][ T1635] siw: device registration error -23
[  502.147926][ T1639] loop9: detected capacity change from 0 to 7
[  502.154864][ T1639] Buffer I/O error on dev loop9, logical block 0, async page read
[  502.163370][ T1639] Buffer I/O error on dev loop9, logical block 0, async page read
[  502.171411][ T1639]  loop9: unable to read partition table
[  502.177508][ T1639] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ���
[  502.177508][ T1639] 
) failed (rc=-5)
[  502.208702][ T1641] loop8: detected capacity change from 0 to 764
[  502.217025][ T1641] iso9660: Unknown parameter '9p'
[  502.284069][ T1643] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  502.310906][ T1652] __nla_validate_parse: 1 callbacks suppressed
[  502.310926][ T1652] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12181'.
[  502.341545][ T1650] loop8: detected capacity change from 0 to 512
[  502.348314][ T1650] EXT4-fs: Ignoring removed nobh option
[  502.362936][ T1652] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1652 comm=syz.3.12181
[  502.395291][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.12179: corrupted inode contents
[  502.425673][ T1650] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #3: comm syz.8.12179: mark_inode_dirty error
[  502.448639][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #3: comm syz.8.12179: corrupted inode contents
[  502.464577][ T1650] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #3: comm syz.8.12179: mark_inode_dirty error
[  502.478009][ T1650] EXT4-fs error (device loop8): ext4_acquire_dquot:6945: comm syz.8.12179: Failed to acquire dquot type 0
[  502.491353][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12179: corrupted inode contents
[  502.504381][ T1650] EXT4-fs error (device loop8): ext4_dirty_inode:6509: inode #16: comm syz.8.12179: mark_inode_dirty error
[  502.516064][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12179: corrupted inode contents
[  502.528455][ T1650] EXT4-fs error (device loop8): __ext4_ext_dirty:206: inode #16: comm syz.8.12179: mark_inode_dirty error
[  502.540064][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12179: corrupted inode contents
[  502.552448][ T1650] EXT4-fs error (device loop8) in ext4_orphan_del:301: Corrupt filesystem
[  502.563160][ T1650] EXT4-fs error (device loop8): ext4_do_update_inode:5624: inode #16: comm syz.8.12179: corrupted inode contents
[  502.575384][ T1650] EXT4-fs error (device loop8): ext4_truncate:4637: inode #16: comm syz.8.12179: mark_inode_dirty error
[  502.642775][ T1650] EXT4-fs error (device loop8) in ext4_process_orphan:343: Corrupt filesystem
[  502.652773][ T1650] EXT4-fs (loop8): 1 truncate cleaned up
[  502.658945][ T1650] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  502.694681][ T1650] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  502.706475][ T1650] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.805103][ T1678] netlink: 20 bytes leftover after parsing attributes in process `syz.2.12185'.
[  502.960746][ T1683] FAULT_INJECTION: forcing a failure.
[  502.960746][ T1683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  502.974056][ T1683] CPU: 1 UID: 0 PID: 1683 Comm: syz.8.12191 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  502.974156][ T1683] Tainted: [W]=WARN
[  502.974166][ T1683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  502.974184][ T1683] Call Trace:
[  502.974193][ T1683]  <TASK>
[  502.974204][ T1683]  __dump_stack+0x1d/0x30
[  502.974230][ T1683]  dump_stack_lvl+0xe8/0x140
[  502.974257][ T1683]  dump_stack+0x15/0x1b
[  502.974281][ T1683]  should_fail_ex+0x265/0x280
[  502.974397][ T1683]  should_fail+0xb/0x20
[  502.974429][ T1683]  should_fail_usercopy+0x1a/0x20
[  502.974450][ T1683]  _copy_from_user+0x1c/0xb0
[  502.974498][ T1683]  sctp_setsockopt+0x154/0xe30
[  502.974537][ T1683]  sock_common_setsockopt+0x69/0x80
[  502.974568][ T1683]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  502.974599][ T1683]  __sys_setsockopt+0x184/0x200
[  502.974700][ T1683]  __x64_sys_setsockopt+0x64/0x80
[  502.974741][ T1683]  x64_sys_call+0x20ec/0x3000
[  502.974771][ T1683]  do_syscall_64+0xd2/0x200
[  502.974804][ T1683]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  502.974855][ T1683]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  502.974898][ T1683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.975031][ T1683] RIP: 0033:0x7fcb32bbeec9
[  502.975054][ T1683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  502.975081][ T1683] RSP: 002b:00007fcb3161f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  502.975107][ T1683] RAX: ffffffffffffffda RBX: 00007fcb32e15fa0 RCX: 00007fcb32bbeec9
[  502.975125][ T1683] RDX: 0000000000000011 RSI: 0000000000000084 RDI: 0000000000000003
[  502.975148][ T1683] RBP: 00007fcb3161f090 R08: 0000000000000008 R09: 0000000000000000
[  502.975161][ T1683] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  502.975240][ T1683] R13: 00007fcb32e16038 R14: 00007fcb32e15fa0 R15: 00007fff988a1238
[  502.975316][ T1683]  </TASK>
[  503.295733][ T1686] !yz!: rxe_newlink: already configured on team_slave_0
[  503.313265][ T1688] loop9: detected capacity change from 0 to 512
[  503.352703][ T1688] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  503.367239][ T1688] EXT4-fs (loop9): orphan cleanup on readonly fs
[  503.375112][ T1688] EXT4-fs error (device loop9): ext4_do_update_inode:5624: inode #16: comm syz.9.12193: corrupted inode contents
[  503.387564][ T1688] EXT4-fs (loop9): Remounting filesystem read-only
[  503.394330][ T1688] EXT4-fs (loop9): 1 truncate cleaned up
[  503.400346][ T3684] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  503.410997][ T3684] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  503.440249][ T3684] EXT4-fs (loop9): Quota write (off=8, len=24) cancelled because transaction is not started
[  503.451156][ T1688] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  503.478214][ T1178] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.655211][ T1710] loop3: detected capacity change from 0 to 1024
[  503.671342][ T1710] EXT4-fs: Ignoring removed orlov option
[  503.710095][ T1710] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  503.768041][ T1714] syz!: rxe_newlink: already configured on team_slave_0
[  503.843689][ T1719] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12205'.
[  503.865381][ T1719] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1719 comm=syz.2.12205
[  503.944601][ T1723] loop8: detected capacity change from 0 to 1024
[  503.954169][ T1723] EXT4-fs: Ignoring removed orlov option
[  503.985372][ T1723] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.136013][ T1737] loop2: detected capacity change from 0 to 512
[  504.143456][ T1737] EXT4-fs: Ignoring removed nobh option
[  504.158733][ T1723] ==================================================================
[  504.167085][ T1723] BUG: KCSAN: data-race in filemap_read / filemap_read
[  504.174120][ T1723] 
[  504.176573][ T1723] read to 0xffff888115e21528 of 8 bytes by task 1735 on cpu 0:
[  504.184222][ T1723]  filemap_read+0x6f/0xa00
[  504.188689][ T1723]  generic_file_read_iter+0x79/0x330
[  504.194205][ T1723]  ext4_file_read_iter+0x1cc/0x290
[  504.199368][ T1723]  copy_splice_read+0x442/0x660
[  504.204271][ T1723]  splice_direct_to_actor+0x290/0x680
[  504.209766][ T1723]  do_splice_direct+0xda/0x150
[  504.214568][ T1723]  do_sendfile+0x380/0x650
[  504.219061][ T1723]  __x64_sys_sendfile64+0x105/0x150
[  504.224286][ T1723]  x64_sys_call+0x2bb4/0x3000
[  504.229072][ T1723]  do_syscall_64+0xd2/0x200
[  504.233594][ T1723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.239587][ T1723] 
[  504.241919][ T1723] write to 0xffff888115e21528 of 8 bytes by task 1723 on cpu 1:
[  504.249849][ T1723]  filemap_read+0x974/0xa00
[  504.254628][ T1723]  generic_file_read_iter+0x79/0x330
[  504.260047][ T1723]  ext4_file_read_iter+0x1cc/0x290
[  504.265189][ T1723]  copy_splice_read+0x442/0x660
[  504.270146][ T1723]  splice_direct_to_actor+0x290/0x680
[  504.275708][ T1723]  do_splice_direct+0xda/0x150
[  504.280579][ T1723]  do_sendfile+0x380/0x650
[  504.285052][ T1723]  __x64_sys_sendfile64+0x105/0x150
[  504.290357][ T1723]  x64_sys_call+0x2bb4/0x3000
[  504.295138][ T1723]  do_syscall_64+0xd2/0x200
[  504.299659][ T1723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.305663][ T1723] 
[  504.307990][ T1723] value changed: 0x0000000000000121 -> 0x0000000000000122
[  504.315368][ T1723] 
[  504.317696][ T1723] Reported by Kernel Concurrency Sanitizer on:
[  504.324058][ T1723] CPU: 1 UID: 0 PID: 1723 Comm: syz.8.12207 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  504.335446][ T1723] Tainted: [W]=WARN
[  504.339339][ T1723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  504.349500][ T1723] ==================================================================
[  504.364017][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.12213: corrupted inode contents
[  504.378365][ T1737] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #3: comm syz.2.12213: mark_inode_dirty error
[  504.401727][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.12213: corrupted inode contents
[  504.419483][ T1737] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.12213: mark_inode_dirty error
[  504.446734][ T1737] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.12213: Failed to acquire dquot type 0
[  504.471789][  T548] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.481453][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12213: corrupted inode contents
[  504.498177][ T1737] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #16: comm syz.2.12213: mark_inode_dirty error
[  504.510183][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12213: corrupted inode contents
[  504.511488][T29965] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.531514][ T1737] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.12213: mark_inode_dirty error
[  504.543352][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12213: corrupted inode contents
[  504.555594][ T1737] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  504.564832][ T1737] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.12213: corrupted inode contents
[  504.577408][ T1737] EXT4-fs error (device loop2): ext4_truncate:4637: inode #16: comm syz.2.12213: mark_inode_dirty error
[  504.589353][ T1737] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  504.598815][ T1737] EXT4-fs (loop2): 1 truncate cleaned up
[  504.604873][ T1737] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.617419][ T1737] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  504.628908][ T1737] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.